Nov 3, 2024

Paladin Malware Detection Types

Malware Detection Types

Paladin has a variety of detection methods that are constantly being innovated upon to detect malware and keep your system safe from threats. To have the full capabilities of Paladin, a Premium license is required, which can be purchased here. If you already have a license, please refer to this article for activation.

Fingerprint Detections

Fingerprint detection identifies a file by its SHA-256 hash value. Think of the hash as a completely unique identifier for a file. Paladin keeps a record of malicious hash values. Premium users have access to a database of over 50 million hash values, and it grows by the day.

Notifications appear as:

Protection log will appear as:

Malware Family Detections

Paladin has an extensive list of "deep signatures" for many variants of malware that are not in other protection software. These signatures are created from careful analysis of the samples by our reverse engineers. Free users have the full detection portfolio of Paladin!

Notifications appear as:

Protection log will appear as:

To see what the different malware families are all about, head over here.

Malicious Batch Detections

Threat actors enjoy the convenience of batch files, but Paladin monitors anything that may be relevant to an attacker. Typically, these files will be run alongside other trojans. Free users have all detection mechanisms for batch files.

Notifications will appear as:

Protection log will appear as:

Malicious Script Detections

PowerShell and VBS are favorites among threat actors. Paladin inspects these scripts for anything useful to a threat actor and scores it appropriately. Free users have all detection mechanisms for script files.

Notifications will appear as:

Protection log will appear as:

Malicious JavaScript Detections

Modern attackers are loving JavaScript due to legacy antivirus' inability to detect it. These files are typically downloaded alongside others as a sort of "Stage 2" to their initial payload. Free users have all detection mechanisms for JavaScript files.

Notifications will appear as:

Protection log will appear as:

Entropy Detection

To hide the presence of malicious intent, threat actors will typically "pack" their malware. This "packing" leaves the malware with very high entropy (randomness). High entropy is indicative of some type of encryption occurring within a file and is not typical in benign software. Free users have all detection mechanisms for entropy detections.
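The entropy measurement described above can be sketched as follows. This is an added example, not Paladin's own code: the window size, the 7.2 bits-per-byte threshold, the 50% ratio and all sample inputs are assumptions constructed for illustration. It goes slightly beyond the text by also scoring a benign compressed buffer.

```python
import hashlib
import math
import zlib
from collections import Counter

CHUNK = 4096   # window size in bytes (assumed value)
HIGH = 7.2     # bits/byte treated as packed-looking (assumed threshold)

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte: 0.0 (constant) up to 8.0 (uniform)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def scan(data: bytes, chunk: int = CHUNK, high: float = HIGH) -> dict:
    """Report whole-buffer entropy and the share of high-entropy windows."""
    windows = [data[i:i + chunk] for i in range(0, len(data), chunk)]
    # Drop a short trailing window: too few bytes for a stable estimate.
    windows = [w for w in windows if len(w) >= chunk // 2] or [data]
    hot = sum(1 for w in windows if shannon_entropy(w) >= high)
    ratio = hot / len(windows)
    return {"overall": round(shannon_entropy(data), 2),
            "high_ratio": round(ratio, 2),
            "suspicious": ratio >= 0.5}

def keystream(n_blocks: int) -> bytes:
    """Constructed stand-in for an encrypted payload (SHA-256 in counter mode)."""
    return b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest()
                    for i in range(n_blocks))

# Constructed sample inputs, not real binaries.
PLAIN = b"push ebp\nmov ebp, esp\ncall init_config\nret\n" * 1500
PACKED = PLAIN[:8192] + keystream(2048)           # small stub + 64 KiB payload
HEX_LOG = "\n".join(hashlib.sha256(str(i).encode()).hexdigest()
                    for i in range(4096)).encode()
COMPRESSED = zlib.compress(HEX_LOG)               # benign, but compressed

if __name__ == "__main__":
    for name, blob in [("plain", PLAIN), ("packed", PACKED),
                       ("compressed", COMPRESSED)]:
        print(name, scan(blob))
```

The compressed sample is flagged as well, because compression removes redundancy much as encryption does; an entropy score of this kind is best treated as one signal to weigh alongside others.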

Notifications will appear as:

Protection log will appear as:

Paladin Artificial Intelligence Detections

Paladin AI is only available to Premium users. Our researchers have hand-trained an AI model from scratch, having it learn based on millions of known benign and malicious files. To learn more about the creation of Paladin AI, head over to our page on it.

Notifications will appear as:

Protection log will appear as:


Thanks for using Paladin! If you haven't downloaded yet, give the Free edition a try with just a download here! If you'd like to see Paladin at its full capability, you can start a subscription here.