Collaborate Disseminate
I asked an experienced person about the needs of malware analysis. He told me:
"Learn x86, C/C++, Win32 API, Windows internals, PE file structure basics… Then when you are comfortable with these, try tools like ollydbg and IDA Pro.&… Continue reading Network knowledge in malware analysis
I asked an experienced person about the needs of malware analysis. He told me:
"Learn x86, C/C++, Win32 API, Windows internals, PE file structure basics… Then when you are comfortable with these, try tools like ollydbg and IDA Pro.&… Continue reading Network knowledge in malware analysis
I was wondering where one could submit identified malware for further analysis, as well as to raise awareness. I know many times cyber criminals will use a carefully altered version of a known strain of malware, and I’d like to know where … Continue reading Where can I submit malware or a compromised disk/memory image [closed]
I had a tab randomly open up that was for adware. Luckily, it was caught by my ad blocker, but I would like to figure out what triggered it to open.
I tried checking its history state through console, but I found nothing interesting. I t… Continue reading Does chromium keep logs of the events leading up to opening a new tab? [migrated]
My antivirus detected some malware in my browser cache while just browsing a webpage. The file was quarantined and I deleted it, however it looked like JavaScript.
As I had deleted the file and had nothing to upload, I decided to put the U… Continue reading Virus-Total URL Scan vs SHA-256 Analysis?
I can imagine this is a difficult question for you to answer without seeing the actual sample, but perhaps some of you have experience with this. I’m analysing a sample from Darkside using IDA Free and x32dbg and I have resolved the dynami… Continue reading Ransomware debugging Imports Scylla
I am aware of a website that I suspect is, at the very least, pulling user data from visitors and possibly performing other malicious activity on visitors. Of course, the safest course of action is to avoid this site. That said, I am a stu… Continue reading How to Safely Research a Suspected Malicious Website by Using A VM [duplicate]
Recent analysis of Hive0051 has identified three key changes to capabilities: an improved multi-channel approach to DNS fluxing, obfuscated multi-stage scripts, and the use of fileless PowerShell variants of the Gamma malware.
The post Hive0051’s large scale malicious operations enabled by synchronized multi-channel DNS fluxing appeared first on Security Intelligence.
Microsoft Security Copilot has been made available to a larger number of enterprise customers, via an invitation-only Early Access Program. What is Microsoft Security Copilot? “Security Copilot is an AI assistant for security teams that builds on… Continue reading Microsoft announces wider availability of AI-powered Security Copilot
IBM X-Force has identified new capabilities in DBatLoader malware samples delivered in recent email campaigns, signaling a heightened risk of infection from commodity malware families associated with DBatLoader activity. Explore the analysis.
The post Email campaigns leverage updated DBatLoader to deliver RATs, stealers appeared first on Security Intelligence.
Continue reading Email campaigns leverage updated DBatLoader to deliver RATs, stealers