I don't mean the results from virustotal or hybrid-analysis, I mean something like, if the reports from bitdefender are saying it's "Gen:Variant.Ulise.453253", and another is saying it's just a trojan, how can I verify how the inner workings of the tool work? Basically, how would you check if it's a false positive or not? I am only mildly understanding how to check them in VMs but I don't understand the cases for example if,
1) the virus detects the VM and doesn't activate
2) the virus steals data under the hood so you won't know
In this scenario it's not about "deleting the file" or "don't download it", it's moreso about understanding how to run these checks
[link] [comments]
from hacking: security in practice https://ift.tt/4NjgKRc
Comments
Post a Comment