What Malwaredomainlist Links are Drive-Bys?

Discussion in 'other anti-malware software' started by Brandonn2010, Oct 24, 2011.

Thread Status:
Not open for further replies.
  1. Brandonn2010

    Brandonn2010 Registered Member

    Joined:
    Jan 10, 2011
    Posts:
    1,849
    I'm feeling kind of cocky and may test my PCAV+AppGuard on locked-down setup with links from MDL, but I did this once on a VM, and most required me to run an executable, which would obviously be blocked. How can I tell if one of the links is a drive-by-download and not one you have to run?
     
  2. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    By looking at the ending. If it points to a file, then it's a download. If it points to a site, it's an exploit.
     
  3. Brandonn2010

    Brandonn2010 Registered Member

    Joined:
    Jan 10, 2011
    Posts:
    1,849
    Thank you. Part of me wants to try and the other says there's no point in risking it. What is Ransom LockEmAll? Isn't that supposed to be a really bad malware?
     
  4. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,125
    Location:
    Pennsylvania.
    Yea Ransom malware locks up your entire system and forces you to pay for it to be unlocked (which it does not do when you pay they just take the money and run). Its pretty nasty to get I have seen it in anti malware testing videos.
     
  5. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    it is good stuff man;)
     
Loading...
Thread Status:
Not open for further replies.