Serious Discussion Turtle‘s Enhanced Realworld Tests ( updated )

harlan4096

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,785
It's not a beta or at least it's TR, but probably will be/it is already the final version, because it can be activated with commercial keys, beta can't be.

You can change temporally the Chinese UI into English with the key combination SHIFT + F12 (SHIFT + F5 back to original lang.)
 
Last edited:

harlan4096

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,785
If you can contact Kaspersky officials, I strongly recommend that you provide feedback on the issue with Nimbo C2. They can indeed generate VHO detection on the original Nimbo C2 exe, but it is not effective on the DLL. And unless BypassUAC is attempted, System Watcher will also be completely blind to Nimbo C2's activities, including keylog and file transfer.

If You can provide me, via pm, the sample/s, I can try to send a report.
 

[correlate]

Level 18
Top Poster
Well-known
May 4, 2019
801
Sincerely thank you.
I initially conducted tests to rank the effectiveness of various security software, but after my second test, WiseVector proactively contacted me and I discussed the testing process with them. Then, they released a new version to completely prevent Empire's file less attacks.
Afterwards, Huorong/QiAnXin also contacted me and I reviewed the entire testing process with them, believing that it would also be helpful to them. Now that's my main purpose, that's why I'm continuing this test. So starting from the third issue, I will not only publish the results on security forums in China, but also on MalwareTips, because I hope to write in detail how the samples were generated and what modifications were made, so that security software vendors can directly follow it to enhance their protection.
I can use these tools and hackers can also use them, so enhancing protection is not a bad thing for anyone, which is also the reason why I am disclosing it in detail.
I don't work for any security software vendor, and I'm not a full-time researcher. I just want to do my best to make the internet more secure. That's why I never provide ranking charts for the tests I publish, but I try to provide detailed explanations of the attack process and sample sources.

Because of this original intention, I seem to have overlooked the people who hope to use my tests as rankings, and I will pay attention to them in the future. Start by distinguishing between enterprise level and consumer level.​
Hello Mr @ShenguiTurmi
Can you do a test on Jiangmin program?
赤豹终端安全软件
 

ShenguiTurmi

Level 3
Thread author
Well-known
Feb 28, 2023
126
Hello Mr @ShenguiTurmi
Can you do a test on Jiangmin program?
赤豹终端安全软件
I am in mainland China, so I cannot purchase the Taiwan version. The activation binding device for the mainland version cannot be experienced by you personally.
As for the testing, I included it in this test, but it is not allowed to post non English videos here, so now only the results are available.
Simply put, it has machine learning, but it is not very strong (relative to DeepInstinct/CrowdStrike), has no behavior based protection, and has no script protection at all.
 

[correlate]

Level 18
Top Poster
Well-known
May 4, 2019
801
I am in mainland China, so I cannot purchase the Taiwan version. The activation binding device for the mainland version cannot be experienced by you personally.
As for the testing, I included it in this test, but it is not allowed to post non English videos here, so now only the results are available.
Simply put, it has machine learning, but it is not very strong (relative to DeepInstinct/CrowdStrike), has no behavior based protection, and has no script protection at all.
And this as well
micropoint
微点主动防御软件体验版
 

[correlate]

Level 18
Top Poster
Well-known
May 4, 2019
801
I am in mainland China, so I cannot purchase the Taiwan version. The activation binding device for the mainland version cannot be experienced by you personally.
As for the testing, I included it in this test, but it is not allowed to post non English videos here, so now only the results are available.
Simply put, it has machine learning, but it is not very strong (relative to DeepInstinct/CrowdStrike), has no behavior based protection, and has no script protection at all.
Can you send me the video link
So that I can watch
 

ShenguiTurmi

Level 3
Thread author
Well-known
Feb 28, 2023
126

Jengo

Level 9
Well-known
Nov 9, 2022
417
This "test" totally not representable at all. Mix of Hard / Normal settings..... please learn how to test by contacting @Shadowra , your test is a waste of time ( and time to read )
Next please.....
 
  • Like
Reactions: [correlate]

Kongo

Level 36
Verified
Top Poster
Well-known
Feb 25, 2017
2,562
This "test" totally not representable at all. Mix of Hard / Normal settings..... please learn how to test by contacting @Shadowra , your test is a waste of time ( and time to read )
Next please.....
Even tho the test was rather sub-optimal I am sure it took a lot of time and effort for them. So no need to be that disrespectful.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top