Australian Linux breached, personal data leaked

Australian Linux breached, personal data leaked. The group...

CaptureBat – Dynamic Malware Analysis Tool

As I mentioned in one of my previous posts about tools for Dynamic Malware Analysis, CaptureBat is an essential tool for this purpose....

Dynamic Malware Analysis Tools

It would not be wrong to say that every piece of malware has its own personality. Not that we want to start treating malware like living things, but the...

Malware Sample Sources

So where do we get the malware samples from… except the infected machines in a cyber cafe, of course. (The sources are listed in no...

Malware Analysis tools chest: ClamAV

ClamAV is not a tool for analyzing malware per se; it is more of a tool for organizing, and is mainly useful in the pre-analysis stages....

Virtual Machines for Malware Analysis

An ideal setup for Malware Analysis would be to have a machine where we can readily install and execute malicious programs. But given the...

So just how do I analyze Malware?

There are two main ways in which malware is analyzed: 1. Behavioral Analysis, 2. Static Analysis. In Behavioral Analysis we observe the...

Reptile Malware – Behavioral Analysis

I began by having a fresh VMware image of Windows XP. Tools which you should have ready before you start behavioral analysis: Regshot...

Reverse Engineering Malware: ZeroAccess / Max++ / Smiscer Crimeware Rootkit

This four-part article series is a complete step-by-step tutorial on how to reverse engineer the ZeroAccess Rootkit. ZeroAccess is also...

ZeroAccess Malware Part 2: The Kernel-Mode Device Driver Stealth Rootkit

In Part 2 of the ZeroAccess Malware Reverse Engineering series of articles, we will reverse engineer the first driver dropped by the...

ZeroAccess Malware Part 3: The Device Driver Process Injection Rootkit

Let’s now take a look at the second driver dropped by the agent. This driver allows for ZeroAccess to inject arbitrary code into the...

ZeroAccess Malware Part 4: Tracing the Crimeware Origins by Reversing Injected Code

In this final part we will trace the origins of the ZeroAccess rootkit. We will discover that the purpose of this rootkit is to set up a...

Shellcode analysis on Linux x86 32bit

Most of the programs that we use every day contain bugs; a bug is a malfunction in a program, which can make the program take unwanted...

Steam Server Admin Hack 2011

Steam Anti Vac Ban Code Lines from exe Steam Anti Vac Ban 2011.exe...

ZeroAccess Rootkit Launched by Signed Installers

Digital certificates and certificate authorities have been much in the news recently. Attacks, such as those used by Stuxnet, Duqu, and...

Malware Analysis Basics 2

Malware Analysis Basics 2. In this tutorial you will see how you can read an infected...

Paysafecard Money Doubler – Virus

Paysafecard Money Doubler http://www.youtube.com/watch?v=TETKeaMa09k Code lines from exe...

Malware Analysis – Stealer

Malware Analysis – Stealer. Malware Analysis Basics / Reversing a backdoored file. The "Hacker" Email:...

FaceBook Hacking Tool – Backdoored with Stealer

FaceBook Hacking Tool – Backdoored with Stealer. http://www.youtube.com/watch?v=W6XNEj_zwjo Original Youtube video with the...

Paysafecard Hack Tool – Backdoored with Rat

Paysafecard Hack Tool – Backdoored with Rat. Another "magic" tool backdoored with a remote control tool & adware. Connections:...

Shylock In-Depth Malware Analysis

A special piece of malware on the docket. Mila over @ contagiodump and Trusteer reported a new type of malware called Shylock. They were...

Zeus Analysis in Volatility 2.0

Well I wanted to post another article about memory forensics with my favorite open source tool right now…. Volatility. Can’t say enough...

Stuxnet’s Footprint in Memory with Volatility 2.0

We’ll examine Stuxnet’s footprint in memory using Volatility 2.0. A talk was given at Open Memory Forensics Workshop on this topic (see...

Abstract Memory Analysis: Zeus Encryption Keys

The amount of research pouring out of the Volatility community recently has been very exciting. Over the past few weeks, we’ve seen Russ...

Detecting Stealth ADS with The Sleuth Kit (TSK)

Exploit Monday has an interesting article on Stealth Alternate Data Streams and Other ADS Weirdness – read it if you haven’t already....

Detecting/Memory Forging Attempt by a Rootkit

Rachit described a malware sample that prevented live anti-rootkit tools from detecting the malware’s IRP hooks. To summarize the...

Tedroo Spambot Analysis

This is a tutorial analyzing the Tedroo spam bot. The MD5 for the binary is 37d0738dec3c65e416aec49e36db81b4. I’ve taken the binaries off...

Malware Analysis Basics 1

Malware Analysis Basics 1. In this tutorial you will see what use some tools have and which...

Inside a malware campaign: Alina + Dexter + Citadel

by Steven K, xylibox.com. I am going to start this article by mentioning that the server I am about to talk about was under strong...

Analyzing Malicious Documents Cheat Sheet

Analyzing Malicious Documents Cheat Sheet. This cheat sheet outlines tips and tools for reverse-engineering malicious documents, such as...