Last week I had a speech at the CAST forum about hunting malware with Volatility 2.0. On 40 slides I will introduce the main features of this powerful forensic framework. All memory dumps being discussed are snapshots from infected machines with modern malware and rootkits.
I am a security researcher in the network security lab at Indian Institute of Technology, Guwahati. I am new to this field of malware. Currently I am working on malware obfuscation techniques. I used a debugger to obfuscate given samples of malware. So can anyone please provide me some links to open-source antivirus software except ClamAV to get the signature of a particular malware from its database? Can anybody also give me some links to common obfuscators? It will be of great help.
Anyone have a sample of W32/W64.Sobelow? I'm looking for the one mentioned here:
I'm working on making a YouTube video and wanted to know how the AVs I will be testing perform against these threats: rootkit ZeroAccess, fake AV “Cloud AV 2012”, fake AV “AV Protection 2011”, fake AV “System Fix” and rootkit TDSS/TDL4.
Thus, if you could please provide me with those malware samples, that would be great.
I'll be testing ESET NOD32 v5, Avast! free v.6, and Avira free.
Thanks in advance for your help.
I am looking for Shady RAT related files. A dropper, payload, stego'd images or HTML files are welcome. If anyone has knowledge of samples already uploaded and can provide me with a hash/name to search for, that would be great also.
I would accept any malware that uses steganography to avoid detection.
The Introduction to IDA Python document by Ero Carrera is one of the better documents on scripting the IDA Pro platform available. After talking with Ero directly, I have received permission to host the PDF directly on Offensive Computing to make it available long-term. Enjoy.
Ikarus - Worm.Win32.Prolaco
Symantec - W32.Ackantta.G@mm
Kaspersky - Backdoor.Win32.Wuca.ga
F-Secure - Worm:W32/Prolaco.K
Any similar malware will also be of great use.
Trying to get a new set of rogue samples, I have numerous malware samples on my websites in the zip files orden2 and orden:
I request some good samples, not damaged, but I also do have good samples. There are no samples required. I tried to get my multi trojan pack application. In one exe file there were 6 trojans, but it was too big to send up.
Can someone lend me a site to get a good rogue sample? Leave the site on the page above in the comments section.
I am looking for a sample of Twitterbot/Nazbot for research purposes. Could you guys help me to find this sample?
Thank you very much in advance,
Does anyone have a sample of the rogue antivirus 'Nortel Antivirus' (the fake Norton)? Any samples will be greatly appreciated.