WiseVector StopX Achieves Nearly 100% Ransomware Detection
The ransomware detection of WiseVector StopX has been continuously improved to become more and more powerful! With six layers of protection, it is indestructible!
The first layer of protection: AI Based Static Scanning
More than 95% of ransomware can be stopped by the static scanning. With the accumulation of experience, WiseVector StopX will become smarter and more accurate to detect ransomware.
The second layer of protection: AI Based Behavior Detection
The AI based behavior detection is the core feature of WiseVector StopX. When performing the analysis, WiseVector StopX real-time protection will track all new created files and processes, as well as any system API calls, registry queries and changes, and WMI requests. The AI comes into play to classify the sample as specific behavior or ransomware when the execution module and code of the sample are analyzed. To use an analogy, in real life, a police officer would look into the situation and predict which people might be thieves based on experience, and make an arrest before the thief acts. The AI based behavior detection is similar to this approach of the police officer.
The third layer of protection: AI Based Memory Protection
AI-based WiseVector StopX detects malicious processes in memory, so memory protection can effectively detect code obfuscation and other antivirus bypass techniques.
It detects advanced malware including ransomware that uses the following techniques: Reflective DLL Injection，Process Hollowing，Manually PE loading ( exe and dll )，DotnetToJS，Sharpshooter，Net code in PowerShell，Process Doppelgänging，Process Reimaging，Mimikatz as well as remote threads in system processes.
It detects advanced threats including ransomware based on tools such as PowerShell Empire, GreateSCT, nps_payload, ObfuscatedEmpire, unicorn, etc.
The fourth layer of protection: Deception Based Ransomware Detection
When this feature is enabled, WiseVector StopX will create folders with irregular names in each disk and all these folders are ransomware traps, and eventually the AI will check the folders and block ransomware.
The fifth layer of protection: Kernel Mode Based Document Protection
With the document protection, users can add protected documents or folders, and then add programs that allow access to these documents or folders, so that no other programs can modify these protected files to achieve the purpose of enhanced protection.
The sixth layer of protection: Ransomware Rollback
Ransomware Rollback can backup files modified by suspicious programs in real time and revert changes in case of a ransomware attack. Working alongside other ransomware detection features, it provides almost 100% protection against ransomware!