Where to report Malicious/Harming undetected Files?

Good Evening/Day everyone,
I got a Malicious File, it's some kind of Ransomware which deletes almost all User Files, Removes the Mouse, Restarts the System. It runs via Command Line and got Detected by Advanced Threat Defense I think, but it was not able to prevent it from rendering the System Unusable. There was no Heuristic or Signature Detection through Scanning the File.
Is there any way to Report Malicious Files?

Best Regards,
ZeroX

Answers

  • Hello.

    Only the anti-malware researchers at Bitdefender Labs can help you with the issue.

    You should report the file(s) as false negative to Bitdefender Labs here:

    https://www.bitdefender.com/consumer/support/answer/29358/

    Regards.

  • This sounds like a particularly destructive type of ransomware or maybe wiper malware.

    Like Gjoksi advised, it's best to report it to the Bitdefender Labs for further analysis. But if it got detected by Advanced Threat Defense, I don't think it's a false negative. However, it's important to find out exactly what happened afterwards and if the antivirus was able to completely remove the threat or not. When Bitdefender finds an infection on your computer, it usually takes automatic action against it and gets rid of the malware without requiring any input on your side.

    If infected files are still found on the system and haven’t been dealt with by the system scan, follow the steps from the below article to manually remove the infection. Use the scan log to find out the path to the infected file:

    https://www.bitdefender.com/consumer/support/answer/2127/

    Note: If Bitdefender still detects infected files that cannot be resolved, run a System scan and send the log to the Bitdefender Support Team via ticket. Check out this article to learn How to Scan a PC for viruses with Bitdefender & Export the scan Log. If you don’t have a ticket, please use the contact form available at this link:

    https://www.bitdefender.com/consumer/support/help/

    I hope this helps.

    Regards,

    Alex

    Premium Security & Bitdefender Endpoint Security Tools user

  • Hello again.

    To add here, scan (and disinfect, if needed) your PC with Bitdefender Rescue Environment:
    https://www.bitdefender.com/consumer/support/answer/29132/

    and after the scan is done, restart your PC.

    You should also try the Bitdefender Ransomware Recognition Tool:
    https://www.bitdefender.com/blog/labs/bitdefender-ransomware-recognition-tool/
    and see if you can get the appropriate decryption tool, if it exists.

    Regards.

  • You can also visit the ID Ransomware website ( https://id-ransomware.malwarehunterteam.com/ ), which holds the largest collection of information to detect what ransomware your system is infected with and whether a decryptor is available for it or not.

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • Thank you guys for jumping in and helping out! 😉👍️

    Premium Security & Bitdefender Endpoint Security Tools user

  • ZeroX
    edited October 17

    Hello Guys,

    So it seems like some of you didn't quite understand what I wrote there.
    Firstly, I reported this as false Negative now because Bitdefender was NOT able to prevent it from destroying the System. I'm doing Malware Analysis in my Free Time and found this File in the Any Run Sandbox. When launching it in my Virtual Machine it deleted many User Files (on Desktop etc) and probably downloaded another Malware (or it's in the same Payload, idk) which deleted the Mouse Cursor. I think it also tries to instantly reboot the System after Executing but it could also open some kind of Ransom Screen telling you to pay. I'm not sure anymore. But definitely after Executing it Deletes User Files and after a System Reboot the Mouse Cursor is gone. There's no way of getting it back or resetting Windows other than through BIOS or smth I guess. Funny thing is that Windows Defender detects this as Trojan Wacatac I think, and Bitdefender and Kaspersky don't do anything. Not even Behaviour Monitoring Module (Advanced Threat Defense/System Watcher) were able to stop it from Destroying the System.

    Here's the Anyrun Sandbox Analysis for y'all interested:
    https://app.any.run/tasks/1deaf899-1405-47b7-a983-a8c12f5bd3bc
    And here's the VirusTotal Analysis:
    https://www.virustotal.com/gui/file/08303d62f72e58e997e5caa20bf00c7d2ad37e9a14401cd6ac28def5a5a9231f

    Best Regards,
    ZeroX