Thread: Malware Analysis - Starting out..

  1. #1
    Registered User
    Join Date
    Apr 2011
    Posts
    78
    Blog Entries
    1

    Malware Analysis - Starting out..

    Hi All,
    I am trying to learn Malware Analysis on my own. I've read a lot of stuff that talks about setting up your lab using physical or virtual machines. Then it speaks about understanding what the Malware does by studying its behavior and finally reverse it.

    I've set up a small lab with the help of VirtualBox and have installed all the tools necessary to understand file system as well as network traffic, and tested a couple of bits of malware out as well; I got these from the offensivecomputing site.

    My question now is actually a very simple one (I think) - Can any of you suggest 5 specific malware samples that I should work on to improve my understanding of the same? The reason I ask is that I am not sure whether the various pieces of malware that I am downloading are the right ones when I am still learning the skill.

    All your inputs are appreciated.

    Thanks
    Arvind
    P.S. I hope this is the right forum. Please move this if it is not.

  2. #2
    Although you are a "newbie" to malware, the Malware Forum seems a better match for your question, so, taking your suggestion, I have moved the question here.

    Regards,
    JMI

  3. #3
    Howdy,

    I just got this one in an email:
    http://www.pcworld.com/businesscenter/article/226745/cybercriminals_exploit_pdf_picture_filter_to_embed_malware.html

    I have it saved on a flash drive if you want it.

    Woodmann
    Learn Or Die.

  4. #4
    That will be great Woodmann. Will you Email it to me or can I pull it down from some place? Thanks so much in advance.

    An update, though, is that I have been working on a piece of malware called fb.166.exe downloaded from the site http://support.clean-mx.de/clean-mx/viruses.php . It seems to be a Facebook worm of some sort.

    Hopefully I'll get somewhere soon and put up a write-up of some sort.

    Thnx
    Arvind

  5. #5
    Here ya go:

    Order details.zip

    malware warning.

    Learn Or Die.

  6. #6
    Thanks a bunch Woodmann. I will check this out.

  7. #7
    You may want to look for malware that falls under different categories as a way of learning how to identify them. For example, you may want to look for droppers, backdoors/trojans, rootkits, PDF/DOC/JPEG embedded malware, VB malware, VMProtect, kernels/drivers, etc.

    For starters, check the Binary Auditor malware section. They have the IDBs (IDA Pro files) of some malware for analysis. So you will be limited to doing some static analysis only.

  8. #8
    Cool, thanks. Is there a link for this section? Coz I couldn't find it.

    I also have another question; in this initial stage where I'm just trying to get my environment exactly the way I want for dynamic analysis - is it necessary to focus on a specific type of malware like you suggested? Shouldn't just about any type of malware do for the 'behavioral analysis' part?

    Maybe once I get comfortable and used to my environment I could do what you say to gain more clarity on how 'each type of malware' works.

    For e.g., this is the piece of malware I am analyzing now and it seems to have a lot of functionality in it.
    URL - http://support.clean-mx.de/clean-mx/viruses.php
    MD5 - 8c547549bea45c23e2eabf837a2d0f2a

    Is that ok? Or do you advise something else?

    Thnx
    Arvind
