Author Topic: File not detected by comodo cloud  (Read 1338 times)

Offline klaken

  • Comodo Family Member
  • ***
  • Posts: 54
File not detected by comodo cloud
« on: September 12, 2017, 06:47:44 PM »
The file if detected by valkyria but not by comodo cloud.

I was reviewing a series of malware and this one was not detected since it is in Valkyria.

https://valkyrie.comodo.com/get_info?sha1=39ef96e0781b4a4d54c4c6ce55aabbd9b4cfb3de
https://www.virustotal.com/#/file/a754ba970ae05659445f39a3c858ed52f8fa6d3dee37b58f480f5d481a9b8131/detection

Offline wasgij6

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 5718
| Win 10 Pro (x64) | UAC Disabled | CCAV | Intel i7 4770k | Asus Maximus VI Formula Mobo | Asus GeForce GTX 780 | G.Skill TridentX 32gb RAM | Samsung 850 Pro SSD |

Offline futuretech

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 4106
Re: File not detected by comodo cloud
« Reply #2 on: September 13, 2017, 01:03:31 PM »
Interesting the cloud scanner rating from CIS indicates .unlcassifiedmalware[at]1

Offline wasgij6

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 5718
Re: File not detected by comodo cloud
« Reply #3 on: September 13, 2017, 01:19:50 PM »
that usually means the file is whitelisted somewhere
| Win 10 Pro (x64) | UAC Disabled | CCAV | Intel i7 4770k | Asus Maximus VI Formula Mobo | Asus GeForce GTX 780 | G.Skill TridentX 32gb RAM | Samsung 850 Pro SSD |

Offline klaken

  • Comodo Family Member
  • ***
  • Posts: 54
Re: File not detected by comodo cloud
« Reply #4 on: September 14, 2017, 12:12:43 AM »
valkyria if it detects the malware .. comodo cloud is the one that does not detect it.

Offline pio

  • Malware Research Group
  • Comodo's Hero
  • *****
  • Posts: 569
  • I like CIS , Kali Linux , IDA Pro & Fl Studio ;)
Re: File not detected by comodo cloud
« Reply #5 on: September 14, 2017, 12:43:33 AM »
valkyria if it detects the malware .. comodo cloud is the one that does not detect it.

In my experience, the used signature database(s) of Valkyrie , CAV and CCAV and the results shown , do not always seem to be fully synchronized . Curiously, sometimes the respective signature database(s) seem to be updated or interrogated at different intervals.
« Last Edit: September 14, 2017, 01:30:20 AM by pio »
*** Paranoid Bastard since CIS 3.5 ! Independent - NON Profit Malware Analyst ***

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek