Self-Made Fortran Malware Analysis

Status
Not open for further replies.
Yes, it was the 1st upload to OPENTIP, since the analysis took very long; the First Seen field some hours ago was showing 13:43 or so, when I had just uploaded it, and some minutes later this thread was created.
 
Yes, it was, since the analysis took very long; the First Seen field some hours ago was showing 13:43 or so, when I had just uploaded it, and some minutes later this thread was created.
Analysis taking too long, system infected, is at least partially failed, if not failed, at the KSN part, and the total result was partial damage to the machine, loss of some settings, files.
 
That is great. You will not find anybody coming to this thread and praising Comodo. I would not be surprised if the response was "The detection by Comodo is a bug. Not a feature."
Only people who use Comodo like me will praise it when it somehow works at detection XD

But at prevention it can stop most malware (that's why I use it)
 
Not just that, new gaming engine languages and even Rust to some extent
With the rise of AI, threat actors can use those to build the base code, and their job is to debug. They can use any language. Using this method is not new. It has been used for a long time. The difference now is the convenience of rapid build using AI.
 
I'm talking about 2 different executions: the 1st one was to KOPENTIP, which caught it after the 1st analysis (once uploaded it was tagged as unknown, and just as the analysis ended -> Malware), and the second execution was in my VM with KPremium, with the already mentioned results.
 
Only people who use Comodo like me will praise it when it somehow works at detection XD

But at prevention it can stop most malware (that's why I use it)
I don't want to derail this thread, but that is Melih's point:

"My personal agenda against the big name antivirus has produced a hot buggy mess of a security software, and yet, still it does just as good of a job, if not better, than all those big name antivirus. All at $0 cost to the consumer."
 
With the rise of AI, threat actors can use those to build the base code, and their job is to debug. They can use any language. Using this method is not new. It has been used for a long time. The difference now is the convenience of rapid build using AI.
You can nowadays code undetected malware without even knowing how to code.
Pretty scary, and you can tell AI to port it into all kinds of languages, and you will just need to tell AI to use the least popular languages.
 
Here comes the detection! Not as fast as Kaspersky, but still pretty good. :)

It hasn't come to VT yet. :unsure:
 
Blocked too in Check Point, but when I change the hash it bypassed it again

Try changing the hash and be amazed by it being undetected again XD
Changing the hash and it's clean again

Comodo didn't detect it either (sent to human analysis, so it might get detected by the time you're reading this)
 
Yes, it was the 1st upload to OPENTIP, since the analysis took very long; the First Seen field some hours ago was showing 13:43 or so, when I had just uploaded it, and some minutes later this thread was created.
Opentip didn't detect it with a changed hash so if a hash change is enough then it's awful
 
Changing the hash and it's clean again

Comodo didn't detect it either (sent to human analysis, so it might get detected by the time you're reading this)
It's detected by VirusScope (static and dynamic behavioral analysis)
 
That is great. You will not find anybody coming to this thread and praising Comodo. I would not be surprised if the response was "The detection by Comodo is a bug. Not a feature."
No, it's not a bug. I tested it again and again; VirusScope detected it as Generic.Trojan.C@1@1
 