Please note the following rules:
When uploading any malware be sure to do the following:
1. Change the extension to a non-executable one so that no one can accidently double click the file unless they are ready to deal with it in a safe manner. For example, rename *.exe to *.vxe.
2. Password protect the zip file and give the password.
Please note that if any files are found that are NOT protected in the above manner they will be removed.
Greetings All,
We would like to encourage people to use this forum for discussing all aspects of one of the most important facets of reverse code engineering, that of malware analysis. Since a majority of malwares tend to be packed and/or encrypted, this goes hand-in-hand with general unpacking strategies as well.
The term "malware" is meant in the broadest sense - viruses, worms, trojan horses, rootkits, even spyware and adware. Anything that *needs* to be reversed *should* be reversed and is fair game here.
Feel free to post links to other tutorials and analyses you may find, interesting discussions elsewhere, or anything else to add to the general knowledge base.
If you find an unknown malware and would like assistance in reversing it, or learn how to reverse it safely, then we can consider making it a communal Mini-Project in which all can participate.
Cheers,
Kayaker
Welcome to the new Woodmann RCE Messageboards Regroupment
Please be patient while the rest of the site is restored.
To all Members of the old RCE Forums:
In order to log in, it will be necessary to reset your forum login password ("I forgot my password") using the original email address you registered with. You will be sent an email with a link to reset your password for that member account.
The old vBulletin forum was converted to phpBB format, requiring the passwords to be reset. If this is a problem for some because of a forgotten email address, please feel free to re-register with a new username. We are happy to welcome old and new members back to the forums! Thanks.
All new accounts are manually activated before you can post. Any questions can be PM'ed to Kayaker.
Please be patient while the rest of the site is restored.
To all Members of the old RCE Forums:
In order to log in, it will be necessary to reset your forum login password ("I forgot my password") using the original email address you registered with. You will be sent an email with a link to reset your password for that member account.
The old vBulletin forum was converted to phpBB format, requiring the passwords to be reset. If this is a problem for some because of a forgotten email address, please feel free to re-register with a new username. We are happy to welcome old and new members back to the forums! Thanks.
All new accounts are manually activated before you can post. Any questions can be PM'ed to Kayaker.
Malware Forum RULES
Lo,
i'm the opinion of that its a nice idea to start with malware analysis, 'cause
lots of reverse engineers are working in this area. Maybe i will once do so too.
Another important fact is that we can learn a lot of some virii out there. Some
HAXX0Rs have quite nice techniques like, meta code, vm's, custom protector,
ring0 stuff and so on.
Lets see what that malware will bring us
Cheers,
PAPiLLiON
i'm the opinion of that its a nice idea to start with malware analysis, 'cause
lots of reverse engineers are working in this area. Maybe i will once do so too.
Another important fact is that we can learn a lot of some virii out there. Some
HAXX0Rs have quite nice techniques like, meta code, vm's, custom protector,
ring0 stuff and so on.
Lets see what that malware will bring us
Cheers,
PAPiLLiON
- Reverse Enginnering can be everything, but sometimes it's more than nothing. Really rare moments but then they appear to last ages... -
-
darkside