bypass v5.10.228257.2253 (dll malware, QQ pass)

I add it to the list, “always sandbox”

Go to the firewall tab, firewall behavior settings, and turn off “Do not show popup alerts”. Does it still have access while in the sandbox?

1. The configuration was “CIS”

2. The firewall was in “safe mode”

3. So, there were no firewall alerts

That is not what I asked you to check.

Test the malware with DW:

1. DW trusts this file

2. DW untrusts another file

3. The user double clicks on the photo.exe

4. Result: DW untrusts the photo.exe