Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

latest list of viruses / malware signatures for F-Secure

Posted on 2016-09-06
5
Medium Priority
?
171 Views
Last Modified: 2016-09-15
I'm trying to sieve out which of the signatures / malwares in F-Secure is ransomware.
Anyone can get me a list?
0
Comment
Question by:sunhux
  • 3
  • 2
5 Comments
 

Author Comment

by:sunhux
ID: 41785857
I've got from majorgeeks & other sites : all of them ask to download
fsdbupdate9.exe (ie latest) & it can't install/run : I used 7zip to open
its contents but don't see any virus pattern file in it.

For TrendMicro, the lpt$vpn.xxx contains virus definitions & by issuing
   find/i  "name" lpt*  
it lists out the virus names
0
 
LVL 65

Accepted Solution

by:
btan earned 2000 total points
ID: 41785978
I am thinking a more manual approach instead.

a) May be is to get from its threat description listing under the "latest description - PC and Mobile type" & "notable threats - Crimeware"
https://www.f-secure.com/en/web/labs_global/threat-descriptions
https://www.f-secure.com/en/web/labs_global/notable-threats

b) It may not cover all for (a) and we consider grabbing from the FSecure DB Tracker which in each listing of the update, it listed the malware names for e.g. in "2016-09-05_07" update, go to the link and you should see the AV names added or updated
https://www.f-secure.com/dbtracker/Aquarius/2016-09-05_07.html
https://www.f-secure.com/dbtracker/
0
 

Author Comment

by:sunhux
ID: 41787722
> go to the link and you should see the AV names added or updated
https://www.f-secure.com/dbtracker/Aquarius/2016-09-05_07.html
Why is AV names being removed, thought they should just be adding on
to make it more complete?  Is there such thing as a malware/virus getting
obsoleted?
0
 

Author Comment

by:sunhux
ID: 41787737
Btw, how do I identify from F-Secure's list if a malware is a ransomware?  
As long as the description contains the string  "lock" or "cryp" ?

But from https://id-ransomware.malwarehunterteam.com ,
there are ransomware with names that don't contain the above 2 strings, eg:
777
7ev3n
7h9r
ACCDFISAv2.0
Alfa
Alpha
AMBA
Apocalypse
Bandarchor
BankAccountSummary
Bart
0
 
LVL 65

Assisted Solution

by:btan
btan earned 2000 total points
ID: 41788154
you cannot depend on just the AV signature name, the details still need to look into. There are many variation and not all ransomware are reflective from its name unlike the earlier one like Cryptolocker, CryptXXX etc.. probably has to look into the alias as well. https://www.f-secure.com/v-descs/trojan_w32_ransom.shtml


Even AV provider has different naming too. This is also demonstrated in VirusTotal listing of the hit by AVs https://www.virustotal.com/en/file/52cbf09633bd646bbdddf4d7ac5fb8993022d41e6395749eb50f3e2c25835857/analysis/
https://virustotal.com/en/file/8a8a3cfb9f30e349bd86ea6fd79d6ae57af95143398fbb6207331937ee35aa06/analysis/1462121521/
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Curious about the latest ransomware attack? Check out our timeline of events surrounding the spread of this new virus along with tips on how to mitigate the damage.
If you are like me and like multiple layers of protection, read on!
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Suggested Courses

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question