I have seen some threats with “-gen” in their name, e.g.:
- Win64:Evo-gen [Trj]
- Win64:MalwareX-gen [Trj]
Does the ending “-gen” mean something?
Hi Paul Blueberry,
Thank you for pointing that out. I appreciate your perspective.
Sorry that you oppose the use of AI-enhanced communication, based, however, upon my 22 years of experience in error-hunting.
My personal opinion on such generic detection is that it often depends on the technical methodology used.
So often, such a detection will kick up so-called false positives. (There, Avast and Avira may have similar FPs.)
polonus
You accidentally copy-pasted the answer of ChatGPT twice. You should delete one copy, and at least note the source of the answer.
FYI: I am a person, and I want to talk to people here. I know how to use GenAI services, and I will use one if I want to.
The “-gen” suffix in the names of malware threats typically indicates that the detection is based on heuristic analysis or generically identified patterns rather than a specific signature. It basically means that the security software has identified a particular trait or behaviour that is shared by a class of malware, but it does not identify a particular recognised version.
Here’s a breakdown of what this typically means:
- Generic Detection: The “gen” part implies that the detection is generalised. The security software has identified certain traits or behaviours that are consistent with various pieces of malware, which leads to the classification under the “-gen” category.
- Behavioural Indicators: Instead of relying on a specific known signature of a malware strain (which might change frequently), antivirus programmes sometimes use broader heuristics that allow them to catch new variants or similar types of malware based on common characteristics, like how they behave in the system.
- Adaptable Threats: Many cyber threats evolve or change their code to avoid detection. By using a generic detection method, security software can effectively identify and respond to these adaptable threats without needing to update every single time a new variant emerges.
- Caution Recommended: While generic detections can catch new threats, they can sometimes result in false positives. It’s essential to take action based on these detections (such as quarantining or deleting the file), but also to confirm with further scanning and analysis.
In summary, the “-gen” suffix represents a classification system used by antivirus vendors to denote heuristically detected threats that share common properties but are not identified as a specific known piece of malware.
polonus (volunteer third-party cold reconnaissance website security analyst and website error-hunter)
Generic - characteristic of or relating to a class or group of things; not specific.
I don’t know Avast’s exact definition of that Generic term: