Will XAMAS(Xcitium Automated Malware Analysis Service) be added to Xcitium Verdict Cloud?

nivedithab · June 29, 2023, 12:55pm

I got feedback from the team and they said that this is the normal behavior and there is no issues, those are PE file attributes and there might be some modification like, debug version, packer, crypted and so on. Also having a few suspicious attributes it doesn’t mean the file/sample needs to have final verdict as malware.

Nik · June 29, 2023, 1:00pm

no i said that PE Sections are not suspicious like in 2016 or 2017 i have seen that it was SUSPICIOUS but now it doesnt work so pls fix it

nivedithab · June 29, 2023, 1:16pm

I will check with the team for PE section

Nik · June 29, 2023, 1:17pm

also how can Xcitium rate this as Clean if its rated from SLA as Malicious???

nivedithab · June 29, 2023, 1:49pm

@Nik

kindly share the sha1 , our team will look into it and analyse and mark the file accordingly.

nivedithab · June 29, 2023, 1:50pm

Regarding the PE section our Valkyrie team analysed the images and shared their feedback as " ndata it is a section which will contain the unpacked code from the installer , and entropy can also point to an installer or an packer, these are informational and not decisive when marking a sample as malware "

Nik · June 29, 2023, 1:57pm

e7af06c555fa086172b595631de59bd006aae2c6 SHA1

Nik · June 29, 2023, 1:59pm

no no no you did not understand me The latest PE Sections wont label as SUSPICIOUS and i saw in 2016 or 2017 it was SUSPICIOUS so thaths the problem that the team needs to fix

Nik · June 29, 2023, 2:05pm

about XAMAS

it works perfectly

nivedithab · June 29, 2023, 2:08pm

I conveyed to the Valkyrie team to validate the details and investigate further .

Nik · June 29, 2023, 2:10pm

@nivedithab and fix Static Analysis Overall Verdict and Analysis Problem

Nik · June 29, 2023, 2:20pm

@QuickSilverST i have analysed ur sample called ada.exe Xcitium Cloud Verdict

Nik · June 29, 2023, 2:38pm

@nivedithab also sub to @QuickSilverST JITech Solutions - YouTube

nivedithab · June 29, 2023, 2:51pm

@nik
The team has informed that the issues will be fixed in the newer version of Verdict when it is released.

Regarding the malware file the team will be analysing it.

Nik · June 29, 2023, 2:53pm

So Static Analysis Overall Verdict and PE Sections and Analysis Problem will be fixed in the new version of Verdict Cloud

Nik · June 29, 2023, 3:02pm

@nivedithab right the team said that?

nivedithab · June 29, 2023, 3:06pm

as per the team the issue should be resolved in the newer version.

Nik · June 29, 2023, 3:07pm

and PE Sections will be also SUSPICIOUS in the new version of Verdict Cloud
wow nice @nivedithab thx

nivedithab · June 29, 2023, 3:08pm

I will recheck with team again to ensure that the issues are resolved in newest version . I have already shared the screenshot and other details with the team

nivedithab · June 29, 2023, 3:09pm

, could you check this file again from your end