Tag Archives: malware analysis

Superb Automated Malware Binary Analysis Service – Figure out what malware does in minutes

These days, malware is VM-aware to defeat automated analysis tools such as Anubis and Cuckoo. These automated analyses are based on behaviour analysis of the malware, which reveals only a hint of what it actually does, as they are now …

Posted in Articles, Notes, security

Using “volatility” to study the CVE-2011-0611 Adobe Flash 0-day

A very good explanation of memory forensic analysis with Volatility of a memory dump taken after infection with the Adobe Flash 0-day vulnerability CVE-2011-0611:

http://sempersecurus.blogspot.com/2011/04/using-volatility-to-study-cve-2011-6011.html

http://bugix-security.blogspot.com/2011/04/cve-2011-0611-adobe-flash-zero-day.html

Posted in Articles, Notes

Malware Analysis Tools Set Up for Linux

Analyzing Flash malware: swftools, flasm, flare

Analyzing IRC bots: IRC server (InspIRCd) and client (Irssi). To launch the IRC server, type "ircd start"; to shut it down, "ircd stop". To launch the IRC client, type "irc".

Network-monitoring and …

Posted in Articles, Resources

Introduction to Malware Analysis – Behaviour Analysis

Malware analysis involves code analysis and behaviour analysis. Behaviour analysis examines the interactions of the malware with its environment, i.e., the file system, registry, network, etc. It is convenient to use virtualization software such as VMware or Virtual PC to host the lab environment. …

Posted in Notes, security, Tutorials, Uncategorized

Malware Analysis for Administrators

Found this nice article on malware analysis.

Posted in Articles, security

I got infected with sysgif32

My system is very slow and Task Manager is showing 100% CPU utilization for SVCHOST.exe, which belongs to Microsoft, as confirmed with Sysinternals procexp.exe. Sysinternals has a wonderful set of tools to get into every nook and corner of Windows, …

Posted in Articles, security