Emsisoft
Emsisoft Achieves 100% Detection in May 2026 Malware Test
In May 2026, Emsisoft Enterprise Security + EDR successfully blocked all 360 malware samples in the Advanced In-The-Wild Malware Test conducted by AVLab Cybersecurity Foundation. The test revealed that cybercriminals increasingly utilize legitimate Windows tools, known as LOLBins, to evade detection. Among the frequently observed LOLBins were tor.exe, curl.exe, and git.exe, indicating a shift towards using legitimate system components for malicious activities. The malware samples were primarily delivered via HTTP (318 samples) and HTTPS (42 samples), with compromised servers located mainly in the United States, Germany, and China. The test highlighted the limitations of reputation-based detection mechanisms, particularly with HTTPS delivery. Emsisoft's product achieved an average threat neutralization time of 2.69 seconds, demonstrating effective incident response capabilities. The results underscore the need for behavioral analysis and comprehensive telemetry in cybersecurity solutions.
Key Points:
• Emsisoft blocked all 360 malware samples in the May 2026 AVLab test, achieving 100% detection.
• The test highlighted the use of legitimate Windows tools (LOLBins) by cybercriminals to evade detection.
• Most malware was delivered via HTTP, with significant challenges posed by HTTPS delivery.