Huorong Internet Security vs 1000 Malware samples (.exe)

kC77

Thread author
Aug 16, 2021
Was a request to give this a quick go. Well, it really didn't do very well at all: it didn't make it 7 minutes into the test or manage to run all the samples before the VM became overwhelmed with malware... Process Explorer was killed, then Command Prompt, and eventually I couldn't bring up Task Manager... My IDS alerts were through the roof, about 250 alerts in 3 minutes... I did briefly manage to see in CurrPorts the amount of malicious connectivity (established connections), but then it soon couldn't recover from a black screen... so I couldn't check if my test picture files were crypto'd (I'm guessing they would be!) or the final status of what processes were left running or in startup... This was a game-over fail.

This was the latest version, 5.0.66.3, and it reported fully up to date with the latest definitions, running on default settings under Windows 10 (I didn't tweak anything). All samples run were from the last 10 days and .exe only.

Not many good things to say for this one! It didn't provide much protection at all (**it's a tough and totally unrealistic test!). The only recovery from this would likely be a Windows re-install!

Link to GIF of the test (39.8 MB)
 

kC77

Thread author
Aug 16, 2021
Can you also do this test with K7 Total Security? A small, lightweight, very effective program.
Downloaded the trial and ran the test. First thing I noticed, which is odd for an AV, is to see a VirusTotal score for it!

Started running the batch, but realised it hadn't stopped Windows Defender from running... so likely the first 50 or so were blocked by Defender. Quickly disabled it and K7 got most of the rest. There was an "archangel" installer still running at the end in Process Explorer;
I don't think it was really doing anything... and on startup a lol.bat trying to launch a malicious website, but there was nothing that nasty that tried connecting outbound, so looks good! I'll have to redo it again and remember to disable Defender manually first!!