Deprecated WiseVector Free AI Driven Security

harlan4096

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,635
WiseVector 2 StopX against the last pack from yesterday posted by @Der.Reisende: on demand: 9 / 16

Some captures from dynamic test:

V1.pngV2.pngV3.png

V4.pngV5.pngV6.png
 

imuade

Level 12
Verified
Top Poster
Well-known
Jul 29, 2018
566

Burrito

Level 24
Verified
Top Poster
Well-known
May 16, 2018
1,363

harlan4096

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,635
Some screen-shots of WV2 StopX against the last pack posted yesterday by @silversurfer:

On demand: 14 / 15

W1.png


On dynamic: 1 / 1, but partially blocked:

W2.pngW3.pngW4.pngW5.png

Although WV detected the threat upon execution, and also some dropped scripts to \AppData\Roaming\, still the malware set an entry in Windows AutoRun sections pointing to a script file located in StartUp folder... I rebooted the system and it ran for 1 second and auto terminated, I also ran it manuall after reboot and auto terminated, that script had 0 bytes...
 

harlan4096

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,635
Some screen-shots of WV2 StopX against the last pack posted yesterday by @silversurfer:

On demand -> 15 / 17 (a few minutes later pack was posted):

WV.png


On dynamic -> 1 (Partially Hit) / 2 (Setting Auto Quarantine On):

WV2.png
Same case than my tests of Sophos Home Premium with sample 03196649_pdf.jar, it could not stop it completely until System Reboot => System Protected.
 
Last edited:

harlan4096

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,635
Quick test of WV StopX 2 against the last pack posted yesterday by @silversurfer:

On demand -> 15 / 18:

WV1.png

On Dynamic -> 2 / 3:

WV2.pngWV4.pngWV3.png
Sample meF.exe triggered (hollowed) MSIE performing outbound connections, no entries in Windows AutoRun sections, so it did not run again after system reboot.
Final System Status Before System Reboot: Infected
Final System Status After System Reboot: Protected
 
Last edited:

WiseVector

From WiseVector
Verified
Top Poster
Developer
Well-known
Dec 14, 2018
643
Looks promising! Will it be a stand alone AV or more like a companion or second oppinion scanner?
Hi thrillskr,

If you want to use WiseVector as a stand alone AV, you'd better install a browser extension which can block Phishing and cryptocurrency mining.

Regards,
Wendy
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top