Thirio

Level 3
Nice, keep us updated and let us know how it goes. This company makes some pretty bold statements on their website.

"We have reason to believe that we will become one of the most professional anti-hacking and anti-malware companies in China and the world in the next few years."

And the part about identifying more and more unknown viruses over time is pretty riveting tbh.
 

kev216

Level 20
Verified
Trusted
Content Creator
Why does all that Chinese software have the same UI? Qihoo, Kingsoft, Baidu and others also have that little shirt icon to change the theme for example. The colors and overall look also feel the same.
The detection seems to be decent, but the things written on the site are nice marketing sentences. Translations are also in alpha phase it seems.
Might be interesting for Asian users, but I don't see many reasons to use this if you are not in China.
 

Thirio

Level 3
Although the GUI isn't finished yet, the protection still functions. Not a big deal since there aren't any settings to tweak. No English version yet is understandable since it was released only this summer. What are your thoughts on the protection of Wisevector? That is the most important aspect of a security product.
 

Thirio

Level 3
I still have it testing here, its detection of .exe files is really impressive, BUT it can't manage .doc .xls or scripts (in general)... on the other hand, it also sometimes has false positives, for instance, flagging legit applications as PUP.generic...
Can confirm the false positive thing. I had rollback rx setup files in my downloads folder and it detected those as malicious with the heuristics. I only briefly tested it against the first page of malc0de and it caught every .exe sample pre-execution which surprised me, so I shared it with MT to investigate :LOL:
 

Der.Reisende

Level 39
Verified
Trusted
Content Creator
Malware Hunter
https://malwaretips.com/threads/mixed-threats-20-07-12-2018.88457/
13/20 (left over only PDF files and .js / .vbs scriptors)
Unfortunately, I do not have the time to test the pack now. Will give a short feedback on the remaining samples.

__faktura_5229.vbs (wscript.exe) running in memory without Autorun, calling out.
DOC_RFQref201806121014.vbs successfully intercepted by TCPM BB (many BB alerts, blocking also AutoRuns).
Lloyds_Transaction_Log.vbs and Metrix.vbs did not run.
The two PDF were missed.

Not clean after reboot.