AVLab.pl Microsoft Defender - pros and cons (November 2020)

Disclaimer

  1. This test shows how an antivirus behaves with certain threats, in a specific environment and under certain conditions.
    We encourage you to compare these results with others and take informed decisions on what security products to use.
    Before buying an antivirus you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.

F

ForgottenSeer 89360

Andy Ful said:
Such an attack will bypass many security solutions. The modified 0-day loader does not do anything malicious so it can be stopped by WD with some ASR rules, but not by default settings. Generally, AV home versions are not good to fight such attacks. Although KIS (default settings) has better protection than most Home AVs, it can fail in many cases too. There are so many possibilities that any generic algorithm cannot be sufficiently good.
Click to expand...
The samples I created successfully download and execute malicious code. Juts by changing the link inside, I can change what gets downloaded and because obfuscation relies on randomly-generates algorithms, it’s fair to say that my 20-minute craft is also polymorphic.
The modified version of nanocore that gets executed is fully functional, it didn’t fail to obtain credentials stored in Google Chrome. It also communicated to its C&C server.
I could easily distribute this sample, if I wanted. This is another proof that performance achieved on 0-day tests in labs is virtually impossible.
 
Last edited by a moderator:
  • Like
Reactions: Nagisa, Protomartyr, roger_m and 1 other person

Similar threads

Shadowra
    • Like
    • +Reputation
    • Thanks
App Review Microsoft Defender Antivirus with Andy Ful WHHLight
Replies
38
Views
3,692
Video Reviews - Security and Privacy
LennyFox
L
Adrian Ścibor
    • Like
    • +Reputation
    • Applause
AVLab.pl Analysis of modules for protection of online banking and payments
Replies
15
Views
1,238
Security Statistics and Reports
SeriousHoax
SeriousHoax
Gandalf_The_Grey
    • Like
    • Hundred Points
    • +Reputation
AV-TEST ATP Test: Defending Against Data Stealers and Ransomware (October 2023)
Replies
4
Views
675
Security Statistics and Reports
SeriousHoax
SeriousHoax

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top