Is your antivirus really secure? Testing a PowerShell payload obfuscated with Chimera

Article Excerpt

In this short post I’m going to show how most antiviruses fail simple detection tests against a PowerShell payload obfuscated with Chimera. When it comes to cybersecurity, one of the most widespread protections, both at home and in companies, is antivirus.

Long Summary

The article argues that malware detection is the feature that matters most when choosing an antivirus, and that the only reliable way to judge it is to test the product against a sample it is likely to meet, in this case an obfuscated PowerShell reverse shell. It walks through creating the reverse-shell payload, obfuscating it with Chimera, an open-source PowerShell obfuscator, and testing the result against Norton 360 and Kaspersky: Norton 360 did not flag the obfuscated payload, while Kaspersky did. The payloads were then uploaded to VirusTotal, where only 5 engines detected the obfuscated version. The author concludes that if antivirus products miss simple payloads obfuscated with freely available open-source tools, more sophisticated malware with more elaborate obfuscation will be caught even less often, and encourages readers to follow the evidence and research that Red Team researchers have published on antivirus obfuscation and evasion. Two caveats apply when reading the numbers: a VirusTotal engine count is a weak proxy for endpoint detection, because VirusTotal runs the vendors' file scanners without the runtime protection (behavioral analysis, AMSI scanning of scripts as they execute) that ships in the full endpoint products, and a test of two commercial products against one payload says little about how either would fare against a different sample. Within those limits, the article gives a practical way to test detection yourself and shows that some antivirus products are less effective than they claim to be.

Short Summary

📓 Is your antivirus really secure? Testing a PowerShell payload obfuscated with Chimera

👉🏽 In this short post I’m going to show how most antiviruses fail simple detection tests against a PowerShell payload obfuscated with Chimera. When it comes to cybersecurity, one of the most widespread protections, both at home and in companies, is antivirus. 👉🏽 Malware detection as the deciding feature when choosing an antivirus 👉🏽 Testing antivirus products for detection with obfuscated payloads 👉🏽 Step-by-step guide to creating and testing an obfuscated PowerShell reverse shell 👉🏽 Norton 360 and Kaspersky test results: Norton 360 missed the obfuscated payload, Kaspersky caught it 👉🏽 Only 5 engines on VirusTotal detected the obfuscated payload 👉🏽 Implications for detecting more sophisticated malware 👉🏽 Evidence and research by Red Team researchers on antivirus evasion 👉🏽 Encourages readers to test their own antivirus 👉🏽 Shows that some antivirus products are less effective than they claim.

#MalwareDetection #AntivirusSelection #ObfuscatedPayloads #VirusTotal #RedTeamResearch