Hot Take "Potential" infostealer download link

[Divine_Barakah]

Unexpectedly, Quick Heal detected the bat file (with K and B), does it indicates it is not that bad?

Personally I judge a security vendor by how fast it reacts to malware submission either by a signature or cloud detection.

 

[Divine_Barakah]

The bat file is detected by ESET

 

[Parkinsond]

Personally I judge a security vendor by how fast it reacts to malware submission either by a signature or cloud detection.

Consider Quick Heal fast?

 

[Parkinsond]

The bat file is detected by ESET


View attachment 294009

Expected some of vendors not listed on VT will detect it by heuristics and emulation.

 

[Divine_Barakah]

Consider Quick Heal fast?

I've never used it and I intend not to use it. I prefer other well-known vendors. And I'd rather stick to MD.

 

[Parkinsond]

I've never used it and I intend not to use it. I prefer other well-known vendors. And I'd rather stick to MD.

The question I am asking myself in such situation is those minor vendors detecting a malware with few major vendors are really as good as the major ones, or they just randomly flag files and this detection is "actually" a FP, which can be uncovered by repeated flagging of several benign files?

 

[Divine_Barakah]

The question I am asking myself in such situation is those minor vendors detecting a malware with few major vendors are really as good as the major ones, or they just randomly flag files and this detection is "actually" a FP, which can be uncovered by repeated flagging of several benign files?

Maybe they just flag unknown files. Maybe they add detection when a file is detected by well-known vendors detect the file on VT. I am not sure. This is just speculation. Let's not forgot that we are talking about signature-based detection which is one layer. Big players have many other effective detection layers.