Take an example of this:
Static analysis only shows 1-2 suspicious indicators and it decides it is “highly suspicious”, which of course it is, as it is malware.
But now take an example of this:
4-5 suspicious static indicators and yet the malware is labelled as “Unknown”!? Isn’t this supposed to be labelled as highly suspicious?
Then again, only 2 suspicious indicators on static and nothing malicious in this case from static analysis. It’s really confusing how verdicts are being determined!?
I have noticed this stuff to be highly inconsistent. Also, CAMAS Dynamic Analysis is always not available, why!? Can someone from Comodo or something answer this query and check this stuff out? Would be highly appreciated!!
It would only make Comodo stronger.