Veronika Tanaeva

AVEngine, Pbs.kdl, Integrity Control, System Watcher update


Hello!

We are asking you to test the IC and SW2 modules update.

Update available from: http://dnl-test.kaspersky-labs.com/test/iro/

 

Release date:

25 September 2017 (start of targeting)

Update description:

 

AVEngine 2.3.0.2:

Windows

MD5 (x86):                   824fb481d0558926baa07a8187e2e912

MD5 (mod, x86):       fc5ff99e42c428a8155bdb97d55e4a8a

 

MD5 (x64):                   da30a18044d7cdc05c9de0f20edb666d

 

Mac

MD5 (x86):                   67b2298167d01163dcbc2672d4dd6ce8

 

Linux

MD5 (x86):                   978e0b89e8238dc428af82aace5d77e1

MD5 (x64):                   06e399905420beb27e4dea572dd1d006

 

FreeBSD

MD5 (8, x86):              a38e7041afd413e25bb587712d2f5b2f

MD5 (8, x64):              3010dc0daa7621f4df9a7c76f2eb42df

MD5 (9, x86):              69d122b92c3e627e301e77e4de05d0ff

MD5 (9, x64):              757cbc2b541a72d4b1736ec5ffebce95

 

Changelist:

Support HTTP request scanning

Add Anti-Cryptor in KESL10

Fix KES10SP2 System Watcher conflict with Hancom

Bug fix

 

PBS.kdl

2.5.0.9 

60aa62214d3b705a21f5dac5637bb372 *pbs.kdl

3a0e4de0558b4fb674ccab1410906774 *mod/pbs.kdl

 

Changelist: 

Change compression mechanism from KLAVPack to KLZ

Add VeriSign and PPL signature

 

 

Integrity Control

intctrl.kdl (x86, unmod)    Version: 2.3.0.113    MD5: 6F3A2F77E91B4B13F35CD5DBAC9FC648    GOST: 8CE850F873C22F012842D9D4F0D44F8A5C2EF6CDF78C5785D0CB42C2FCEA7582
intctrl.kdl (x86, mod)    Version: 2.3.0.114    MD5: 618F47A91F8125E05ADEF37E5268C723    GOST: 7CF90F095D19354F3BFE92A78F3575F1EE58928FFC9A95525894058514000969
 

Changelist:

- improvements of detection mechanisms

How to test

 

SystemWatcher

  klavasyswatch.dll (x86, unmod) Version: 2.3.6.2285 MD5: B0C8AB593399F9AD9080416A8BDADF7D GOST: 4B58FD5E7CE6BD0784FC4B8EFA9E576BA950A73A567FC5ABACF962D1DFA31F89
  klavasyswatch.dll (x86, mod) Version: 2.3.6.2286 MD5: F8B82A64A4A2276A450A3533C064C53D GOST: 7B285FE7E70830C1E57A0BBA2D562B6B830B942A1BAD4B5C4587E099E23B2C7F
  sw2.xms (unmod)   MD5: A27821B736A3AE8B48BD1E19D9A5B28D GOST: 21C4CC69671956CDA202E8EEBBB8C5CF0500220095E58A6073F4FCC15482054F
  sw2.xms (mod)   MD5: C81CFA78740025E80F041A8049B87335 GOST: 4759099145693735DF2BF7C4F8E5B255177A48190AE01DFBFE5C32329F8D6165
  rollback.dll (x86, unmod) Version: 2.0.0.1298 MD5: DF6D392D69DC5CCC57176C201E5596DF GOST: 1C58A2F106F3C7454674A79B69630F9B7BEE749269792C250190019713E40001
  rollback.dll (x86, mod) Version: 2.0.0.1299 MD5: F3C2424524B6E99112D9CDD263C38CE6 GOST: 48687D6EA75441A431C6937972A9EE3896F5A798C2D8378E4E0D7B347D414EBF
  sw2ar.xms   MD5: BF8C97C6CB4E211ED1946726CAC6C4C8 GOST: F227AC9C0A6B763D40FA63DFD58F96432B1447D9D674C97B36FC5B4EA16B255D
  amsi_plugin32.dll (x86, unmod) Version: 2.3.6.2285 MD5: 883EC2DB4FE3F2A99E8C73B22755ECC2 GOST: BF4F4FA4B9518B47FB030D15BB5EA346E3F2F19795D30403E73BE68EA9D7ED77
  amsi_plugin32.dll (x86, mod) Version: 2.3.6.2286 MD5: 6F46E33BD889E5886B4F6E2B8B942907 GOST: EFEA8AC06448E2FCC2F05F28EBA7807BBD43AD957776E97EB4F69C50EB265E11
  amsi_plugin64.dll (x64, unmod) Version: 2.3.6.2285 MD5: DB180F66AF070D02BDDB71058B76F2D5 GOST: 22DBF6111960121F7BC71A06188BACF32CFF93DB3DE4E6A0889297CB80DABDEE
  amsi_plugin64.dll (x64, mod) Version: 2.3.6.2286 MD5: A2EEE2564D4D5E03CB841B8C221825B1 GOST: FC2E8941EF4FA3B00B617D264E1C5B478A0AAFAAFCC0496280683FD362443E3C
  klpshk32.dll (x86, unmod) Version: 1.0.0.0 MD5: 8F6D5D3589ED9B1891D461BCBDC6D11F GOST: D50B368C78C0CA43E940E23E730E563F0B59F894FCD29543C7580F39EB2EC691
  klpshk32.dll (x86, mod) Version: 1.0.0.0 MD5: 8FF6F70648D64D1B9E43CBA6DF6A6DB2 GOST: 394035793AA6C9E40E8A30EF8EE442DA563122F31F19A56EC261EFAED0F9B104
  klpshk64.dll (x64, unmod) Version: 1.0.0.0 MD5: F685B9EE09950AE3754225290547751C GOST: 2296B5F2537837680ADB7A35C2E0D97BB701F96BB6F1216258FED28942531822
  klpshk64.dll (x64, mod) Version: 1.0.0.0 MD5: 4BCF79ACBEFC2DCB00A1D4BAFA416CC7 GOST: CB0D230DDA43DBE807B41A6B86329D45FDB498D8D54BD9D279AD6890671F9B2B

Changelist:

- mapping cryptors detection

- AMSI support for 2018+

- dumps fixes

How to test

 

How to update:

Update etc
