Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Malware Analysis
Virus Total did not flag malicious
Message
<blockquote data-quote="Zero Knowledge" data-source="post: 1020035" data-attributes="member: 57429"><p>I would imagine detection goes MOTW/download URL/Creation time & date of file > machine learning > artificial intelligence > heuristics > signature/blacklist (similar) hash detection.</p><p></p><p>Google and Fortinet make sense because they suck in a lot of data from their web monitoring business and would have petabytes of data on malicious .zip/exe/msi files downloaded/hosted from the web and would be able to identify similar malicious software quickly. The other AV's/AM I'm not so sure, maybe they have not encountered a similar .zip in their cloud component of their software or web monitoring isn't their strong point.</p></blockquote><p></p>
[QUOTE="Zero Knowledge, post: 1020035, member: 57429"] I would imagine detection goes MOTW/download URL/Creation time & date of file > machine learning > artificial intelligence > heuristics > signature/blacklist (similar) hash detection. Google and Fortinet make sense because they suck in a lot of data from their web monitoring business and would have petabytes of data on malicious .zip/exe/msi files downloaded/hosted from the web and would be able to identify similar malicious software quickly. The other AV's/AM I'm not so sure, maybe they have not encountered a similar .zip in their cloud component of their software or web monitoring isn't their strong point. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
