Topic: Malware Analysis
satyr
« on: July 26, 2011, 12:04:48 AM »

Hi all,

I have been reading about Malware Analysis. I've had some samples for analysis which I used for understanding.

Guys, I'm looking for sources from where I can get malware for analysis. Currently I'm looking at sites like
MalwareDomainList
OffensiveComputing
Tuts4You

I would love to get a sample and an analysis report of the sample so that I can try all the things mentioned in the analysis. I want to do this till I'm a little familiar with the basics. After that I'd love to go ahead and do my own analysis.

Please tell me some forums/sites which anyone here uses for malware analysis.
Please tell me some other methods which I can use, Honeypot I know is one of them.

Thanks all for reading, please share your thoughts on this.
dbest
« Reply #1 on: July 26, 2011, 01:32:54 AM »

Take a look at some of the challenges hosted by "The Honeynet Project".
http://honeynet.org/challenges

A couple of Scan of the Month challenges (http://old.honeynet.org/scans/index.html) are also related to Malware analysis.
You can start with Scan 32 - Analyze a Malware binary and then proceed to
Scan 33 - Advanced reverse engineering challenge.





CISM, CEH, CISA, ISO 27001 LA
MaXe
« Reply #2 on: July 26, 2011, 11:58:35 AM »

Go to YouTube and search for eLearnSecurity - Malware Analysis. There's 2 good videos there as well, pretty basic, but cool :)

I'm an InterN0T'er
satyr
« Reply #3 on: July 29, 2011, 03:46:40 PM »


Awesome. That helps a lot.
I have been following some forums and looking for analysis articles.

I have heard about the Malware Analyst's Cookbook ... any other books which someone can recommend?
dbest
« Reply #4 on: July 30, 2011, 09:21:22 AM »

Quote from: MaXe
"Go to YouTube and search for eLearnSecurity - Malware Analysis. There's 2 good videos there as well, pretty basic, but cool :)"

Those videos do begin with a behavioral analysis of the malware. Wouldn't it be better to start off with a static analysis?

CISM, CEH, CISA, ISO 27001 LA
jaso
« Reply #5 on: July 30, 2011, 09:51:21 AM »


Quote from: dbest
"Those videos do begin with a behavioral analysis of the malware. Wouldn't it be better to start off with a static analysis?"


I think that's a personal preference as long as you're doing behavioral analysis correctly. (isolated system, yadda yadda yadda) I find it easier to leverage my static analysis with my behavioral analysis. I'm sure there are people that cringe at the thought of running malware, but in my mind you're going to end up running it one way or another.
3xban
« Reply #6 on: August 07, 2011, 09:27:26 PM »

Hi Satyr, I am actually in the same boat as you. I am currently going through the cookbook, which is pretty decent. Surprisingly, the Kindle version is decent; the only negative was having to hunt down the DVD contents, but they were easily obtainable using an SVN client and following the site's instructions. Another decent piece of the book is the prep. They go over getting a lab set up, some free tools you can use and even going anonymous when you are visiting the bad sites, using tools such as TOR and proxies.

I will certainly check out the sites posted here, those will be helpful.

Good luck!!

Certs: GCWN
(@)Dewser