App Review Qihoo 360 Sandbox vs WannaCry ransomware by Juan Diaz

[Arin]

 

[military]

Thanks for the test. And good, legitimate programs can work in a sandbox or they don't have enough powers of a sandbox ?

 

[Winter Soldier]

WannaCry and ransomware in general, often have no particular interest in trying to escape the various sandbox, because their first objective is the maximum possible spread, and you consider: how many people use running files in the sandbox as a precautionary measure? I believe a few of them, out of MT users and other advanced users.
Malware authors are working on large numbers, one million of targeted users, means at least hundreds of thousands of victims.
Malcoders are not worried if someone prevents the infection, being aware of that.

As usual, knowledge makes the difference.

 

[Atlas147]

I think most sandboxes would stop wannacry from escaping into the actual files because that's what they do. Unless the exploit has something to do with sandboxes, this would also apply to all malware.

That being said, a better test should be if the sandbox would prevent the spread of the malware.

 

[Windows Defender Shill]

Nice.......FU Wannacry

 

[mekelek]

if you have to run every file in a sandbox first to make sure you're safe,it's a pretty sad thing

 

[AtlBo]

Nice video.

You can sandbox all the MS Office 2007 apps (probably at least 10/13 too although I don't have them to try) with the 360 sandbox. MS Office runs good there. I'm not on a PC with Office now, but I think you can run with macros enabled, and they will work within the sandbox. Don't know about beyond that. I only have some macros in a file that move data from one tab to another in the file. Main thing is this would definitely stop VB dropper downloaders in Office macros. The downloaded .exe wouldn't run in the sandbox.