Malware Hub Report Panda Dome Advanced - February 2021 Report

Disclaimer
  1. This test shows how an antivirus behaves with certain threats, in a specific environment and under certain conditions.
    We encourage you to compare these results with others and take informed decisions on what security products to use.
    Before buying an antivirus you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.

harlan4096

Moderator
Verified
Staff member
Malware Hunter
Apr 28, 2015
7,130
Panda Dome Advanced - February 2021 Report
Due to the small number of samples used in these tests, you should take results with a grain of salt. We encourage you to compare these results with others and take informed decisions on what security products to use.

C: Clean / P: Protected / P - NC: Protected - Not Clean / I: Infected / E: Encrypted

* Dynamic BB Bonus Test (Resident Protection Disabled)
* Partially Blocked
BSR: Before System Reboot

ASR: After System Reboot
AC: Blocked on Execution by Application Control


| February 2021 | Samples Pack | Static Detection | Dynamic Detection | Total Detection | System Files Encrypted | 2nd Opinion Scanners | System Final Status | Thread Link |
|---|---|---|---|---|---|---|---|---|
| 01/02/2021 | 2 | 0 / 2 | 1 / 2 | 1 / 2 | No | C: NPE; I: WV HMP | BSR: I; ASR: I | |
| 02/02/2021 | 3 | 0 / 3 | 3 / 3 | 3 / 3 | No | C: HMP; I: WV NPE | P - NC | |
| 04/02/2021 | 2 | 0 / 2 | 1* / 2 | 1* / 2 | No | C | BSR: I; ASR: P - NC | |
| 04/02/2021 | 1 | 0 / 1 | 0 / 1 | 0 / 1 | Yes | N/A | I + E | |
| 05/02/2021 | 3 | 0 / 3 | 1* + 1 / 3 | 1* + 1 / 3 | No | C: HMP; I: WV NPE | BSR: I; ASR: I | |
| 07/02/2021 | 1 | 0 / 1 | 0 / 1 | 0 / 1 | Yes | C | E | |
| 09/02/2021 | 2 | 0 / 2 | 1 / 2 | 1 / 2 | Yes | C | E | |
| 11/02/2021 | 2 | 0 / 2 | 0 / 2 | 0 / 2 | No | C: WV HMP; I: NPE | BSR: I; ASR: I | |
| 12/02/2021 | 2 | 0 / 2 | 1 + 1* / 2 | 1 + 1* / 2 | No | C: HMP; I: WV NPE | BSR: I; ASR: P - NC | |
| PDA + SG's SETTINGS: | | | | | | | | |
| 15/02/2021 | 2 | 0 / 2 | 1 (AC) + 1* / 2 | 1 (AC) + 1* / 2 | No | I | BSR: I; ASR: I | |
| 16/02/2021 | 2 | 0 / 2 | 1 (AC) * / 2 | 1 (AC) * / 2 | Yes (1) | C: NPE; I: WV HMP | BSR: I; ASR: P - NC; E (1) | |
| 18/02/2021 | 1 | 0 / 1 | 0 / 1 | 0 / 1 | No | C: WV HMP; I: NPE | BSR: I; ASR: I | |
| 23/02/2021 | 2 | 0 / 2 | 2 (AC) / 2 | 2 (AC) / 2 | No | I | P - NC | |
| 24/02/2021 | 3 | 1 / 3 | 1 + 1 (AC) / 3 | 1 + 1 (AC) / 3 | No | I | P - NC | |
| 26/02/2021 | 3 | 0 / 3 | 2 / 3 | 2 / 3 | No | C | BSR: I; ASR: I | |
| 27/02/2021 | 10 | 2 / 10 | 5 (AC) + 3 / 8 | 5 + 5 (AC) / 10 | No | C: NPE; I: WV NPE | P - NC | |

upnorth

Moderator
Verified
Staff member
Malware Hunter
Jul 27, 2015
4,218
Nice choice @harlan4096, and extra because it was a bit of a long time since the last report.
 

uninfected1

Level 11
Verified
Jan 28, 2016
518
I'm also interested in how this performs. I had this a few years ago. Some may recall @Slyguy looked into PDA in some depth and came up with his hardening recommendations.

Even so there were still issues. Overall protection was pretty good when paired with OSArmor but in the end I uninstalled it.
 

silversurfer

Level 70
Verified
Trusted
Content Creator
Malware Hunter
Aug 17, 2014
5,969
Panda Dome doesn't have many settings; the only thing that can increase security is the Application Control feature, but many of the threats in the hub are scripts, so it won't contribute much. It's an anti-exe feature.

Let me tell you why I choose samples like scripts more than EXE: the reason is that malware as .exe will be detected sooner by almost all major AVs.
Hub testers would have to test all samples earlier, within 1-3 hours after the samples are shared with testers, but that doesn't work, for different reasons, for most testers, so we have to consider collecting more samples which usually keep lower detection for the first 12-24 hours. That is mostly the case for scripts and even sometimes for Office samples such as .xls (or similar file extensions).
 

upnorth

I don't agree, also weak malware detection, at the end of the month we will talk about it again 😅
 

harlan4096

I've enabled the Data Shield protection module for the next tests and added some system folders there (Desktop and user docs folders).

I've also confirmed that there is still a very annoying issue with Panda Dome, since I last tested in 2018... many times when Panda Dome finds a malicious file inside a folder, it DELETES ALL THE OTHER FILES INSIDE AND EVEN THE FULL FOLDER! 🤢🤮🤦‍♂️ In the last malware test I got this issue and had to extract the other 2 samples again to test...
 

silversurfer

I chose the thread title for the samples according to the analysis services AnyRun & Triage; both have tagged that sample as #Qbot/Qakbot.
I believe it must be "the version" of Qbot with SilentBuilder, as is recently almost always the case...

Payload .dll #Qbot

Sample .xls (latest Hub test)
 