Indra Ramadhan Posted September 3, 2014 Report Share Posted September 3, 2014 Emsisoft Dont have a Behavior Blocker VBS or Heuristic VBS Crypted?http://berita.terbaru.link/uji-pendeteksian-antivirus-pada-malware-vbs-terenkripsi/ Link to comment Share on other sites More sharing options...
Fabian Wosar Posted September 3, 2014 Report Share Posted September 3, 2014 I don't speak Indonesian but it appears they modified the script and rechecked detection. In general if the parts they modified are parts that we were matching with the signature, it would be expected that the file is no longer detected. That is true by the way for all signature based detections. We do have heuristics, but heuristics will never detect everything. In fact the fact that there was a signature to begin with is due to the fact that the normal script heuristic didn't flag the file as being malicious to begin with. Otherwise there would have been no need to add a signature at all. Link to comment Share on other sites More sharing options...
Recommended Posts