confirmation.js

How avast missed that .js file?
Avast behavior shield failed to block it.
Is avast take AVG’s JS emulator engine or not???
Send it to avast viruslab.
Virus Total-https://virustotal.com/en/file/3ba6df194923d25801728df6caf71650d4b6dfbacd7d243502c1d07927a2d089/analysis/1487387200/

Did you actually test the behav. shield here because we have seen it in action against similar files.I found the URL the file came from.Reported to the analysts. :slight_smile:

The file is a day old and lot of antiviruses don’t see it.

Yes i do.

No alerts from behav. shield once the sample was executed?

Nothing.I set it to always ask.

Strange! Should have been flagged as IDP.ALEXA

Let see answer from avast team. :slight_smile:

u can try again excute the js file , who know the download link will be online back ::slight_smile:

yup but since it did nothing…there is nothing behav. shield could detect here ::slight_smile:

Hi True Indian and Be Secure,

Best analysis of this you can find here (2 days ago): https://www.hybrid-analysis.com/sample/3ba6df194923d25801728df6caf71650d4b6dfbacd7d243502c1d07927a2d089?environmentId=100
where it was being interrogated through script Heavy Anti-Evasion etc.

Whenever not a FP it comes as Ransomeware related.

polonus