Lack of antivirus engine detection

There is still no detection for the file encryptor called NetWalker. The sample is in the archive with the password "infected". Please understand this situation.
Best Answers
-
Hi Member,
Not every vendor can detect every malware, and this is probably known by the millions of users that use their respective AV. The files have been shared with the malware research team. If malicious, detection will be added in a maximum of 72 hours.
In future, kindly share the undetected samples directly with malware researchers through this online forum: https://www.bitdefender.com/site/Main/automaticSampleUploader
Regards
Flex
(Bitdefender beta tester 2019/ 2020)
OMEN Laptop 15-en1037AX (Bitdefender Total Security) & Samsung Galaxy S22 Ultra (Bitdefender Mobile Security)
5 -
Well, probably yes, B-HAVE may have stopped it from running, but I have shared the file with the research team in order to have a signature-based detection for the specified sample.
Regards
Flex
5 -
Mostly the researchers will not respond to any ticket, since they have thousands of samples to deal with every day. If you need to get information on your ticket, then you will have to forward the auto-generated email sent to your mail to Bitdefender support and ask them to get some information on the sample submission you did.
Alternatively, as I said earlier, if the file is malicious, detection will be added in a maximum of 72 hours. If there is no detection after 72 hours, the sample may be considered non-malicious as per the Bitdefender researchers.
Regards
Flex
5
Answers
-
Hi, Flex
Glad to talk to you again. It seems that this sample is detected only by the B-HAVE module of the antivirus, with the definition HEUR.BZC.PZQ.Pantera.50.1E621623. The detection by the OEM engine itself, as I understand it, is still missing. I draw this conclusion from the absence of a detector on the online analyzer VirusTotal and the scanner HitmanPro.
Regards
0 -
This is great! I similarly sent them a sample in the morning using the link you suggested. Let's see what the analysts will say.
Regards
0 -
Everything is very clear. Thank you for the useful information. It is not a problem. So, I think it's possible to wait for the detector to appear, especially since the sample is guaranteed to be malicious.
Regards
0