KillMBR malware - anyone tried/ tested it?

Anyone interested or tried it before? I will love to have some snapshots.

GesWAll
CFP Defence Plus
DefenceWall
ThreatFire
EQS

Thanks

 

Hello aigle,

I have tested such a malware sample a few weeks ago against DefenseWall(DW). Fortunately, DW was successfully able to block and contain it. As for snapshots, unfortunately, I am only interested in testing malware and observing their actions.


Peace & Gratitude,

CogitoErgoSum

 

Sorry, such a sample mean what exactly.

Me too but snapshots are a way of observation for a person who is not testing himslef.

 

Hello aigle,

To clarify, I just wanted to say that I tested an actual KillMBR sample.


Peace & Gratitude,

CogitoErgoSum

 

That,s clear now.

Thanks

 

Hi Aigle,

It was used in this topic but the topic poster neglected to tell folks what they were using as *live* test

https://www.wilderssecurity.com/showthread.php?t=213351

I have samples

 

I don't know if I would trust VT or Jotti for scans.

If I remember right, this is why EP looked for other scaning sites. The maleware writers used to scan at VT when there was an option to NOT send the data to all AV makers. This way they could see if it was being flagged or even suspicious. Now I think they use other scan sites. EP's last POC was never detected by AV's or HIPS if I rmemeber right.



PLUS wasn't it Rustock C that was not flagged for over a year?

 

Aigle I have samples too.
BTW SBIE blocks it.

 

Thanks. Good news.

 

Thanks a lot.

I just missed that thread.

 

Can anyone test with GesWall and TF?

Thanks

 

Hello aigle,

I also tested KillMBR against Primary Response Safeconnect(PRSC). Unfortunately, PRSC does not detect it.


Peace & Gratitude,

CogitoErgoSum

 

Thanks for the info. Seems tey have not added such filters yet. Not sure about TF.

 

Anyone willing to test with GW n TF?

Thanks