Welcome to the new Woodmann RCE Messageboards Regroupment

Malware Forum RULES

This forum focuses on analyzing malware and any aspects of dealing with packer protections.
Kayaker
Posts: 4169
Joined: Thu Oct 26, 2000 11:00 am

Post by Kayaker »

Please note the following rules:

When uploading any malware be sure to do the following:

1. Change the extension to a non-executable one so that no one can accidentally double-click the file unless they are ready to deal with it in a safe manner. For example, rename *.exe to *.vxe.

2. Password protect the zip file and give the password.


Please note that if any files are found that are NOT protected in the above manner they will be removed.




Greetings All,

We would like to encourage people to use this forum for discussing all aspects of one of the most important facets of reverse code engineering, that of malware analysis. Since a majority of malwares tend to be packed and/or encrypted, this goes hand-in-hand with general unpacking strategies as well.

The term "malware" is meant in the broadest sense - viruses, worms, trojan horses, rootkits, even spyware and adware. Anything that *needs* to be reversed *should* be reversed and is fair game here.

Feel free to post links to other tutorials and analyses you may find, interesting discussions elsewhere, or anything else to add to the general knowledge base.

If you find an unknown malware and would like assistance in reversing it, or learn how to reverse it safely, then we can consider making it a communal Mini-Project in which all can participate.

Cheers,
Kayaker
OHPen
Posts: 399
Joined: Wed Nov 06, 2002 1:20 pm
Location: .text

Post by OHPen »

Lo,

I'm of the opinion that it's a nice idea to start with malware analysis, 'cause
lots of reverse engineers are working in this area. Maybe I will once do so too.

Another important fact is that we can learn a lot from some virii out there. Some
HAXX0Rs have quite nice techniques like meta code, VMs, custom protectors,
ring0 stuff and so on.

Let's see what that malware will bring us :)

Cheers,

PAPiLLiON
- Reverse Engineering can be everything, but sometimes it's more than nothing. Really rare moments but then they appear to last ages... -
LLXX
Senior Member
Posts: 981
Joined: Wed Aug 17, 2005 8:37 pm

Post by LLXX »

So... can we post malware here?
[ ~Litana L.X. Xahanien~ ]
Woodmann
Posts: 3605
Joined: Fri Jan 26, 2001 6:28 pm

Post by Woodmann »

Howdy,

You can but you must use the words
MALWARE/BIOHAZARD
In big red letters so no one can claim ignorance
once they download it and destroy their computer.

Woodmann
darkside

Post by darkside »

I wanna learn how to create malware and how it works!!
And for sure how to read the log of this malware (is there a program able to open this .exe file?)