Latest malware analysis (Malware Analysis / Reverse Engineering Course)

This topic contains 7 replies, has 5 voices, and was last updated by  Franck KAMGAING 4 years, 8 months ago.



    Share the latest malware analysis, news and source code with us.



    It is a program installed on a system without the knowledge of the owner of the system. It is basically installed by a third party with the intention of stealing some private data from the system or simply just to play pranks.

    Classification of malware:
    – Keylogger …



    Malware detection techniques:
    – Static analysis
    – Dynamic analysis
    – Hybrid analysis

    The various static analysis techniques are as follows:
    – Signature-based detection
    – File-based
    – Weight-based
    – Rule-based
    – Generic signature


    Mathanraj TK

    Spam emails that have an attachment with a “.DOC” extension in the file name but that is actually an “.MHT” file. This trending trick seems to be a new way to spread macro malware.
    This is what the “.MHT” file looks like when opened in a text viewer.
    The base64-encoded ActiveMime data below is where the OLE file that has the malicious macro script resides.
    If you decode the base64 data, you will have the ActiveMime data file.
    The ActiveMime data is ZLIB compressed. Decompressing the ActiveMime data will lead us to the OLE file that has the malicious macro script.
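    The decode-then-inflate chain described in the post above, as an added example (not code from the thread or from Cybrary) for triage: it walks the MIME parts of an MHT file, base64-decodes any part carrying an ActiveMime blob, searches for the zlib stream inside it and reports whether it inflates to an OLE compound file. The MHT sample, its Content-Location names and the OLE payload are constructed stand-ins, not a real malicious document.

```python
import base64
import zlib
from email import message_from_string
from typing import Iterator, List, Optional, Tuple

OLE_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"   # [MS-CFB] compound file header
ACTIVEMIME_MAGIC = b"ActiveMime"


def extract_ole_from_activemime(blob: bytes) -> Optional[bytes]:
    """Return the OLE container inside an ActiveMime blob, or None.
    The zlib stream does not sit at one fixed offset in every sample, so each
    position after the magic is tried; the first that inflates to a
    compound-file header wins (bad headers raise zlib.error and are skipped)."""
    if not blob.startswith(ACTIVEMIME_MAGIC):
        return None
    for off in range(len(ACTIVEMIME_MAGIC), min(len(blob), 0x100)):
        try:
            out = zlib.decompressobj().decompress(blob[off:])
        except zlib.error:
            continue
        if out.startswith(OLE_MAGIC):
            return out
    return None


def activemime_parts(mht_text: str) -> Iterator[Tuple[str, bytes]]:
    """Yield (Content-Location, decoded body) for every part holding ActiveMime."""
    for part in message_from_string(mht_text).walk():
        if part.is_multipart():
            continue
        body = part.get_payload(decode=True)   # undoes the base64 transfer encoding
        if body and body.startswith(ACTIVEMIME_MAGIC):
            yield part.get("Content-Location", "?"), body


def triage_mht(mht_text: str) -> List[Tuple[str, bool]]:
    """Per ActiveMime part: (location, True if an OLE file was recovered)."""
    return [(loc, extract_ole_from_activemime(b) is not None)
            for loc, b in activemime_parts(mht_text)]


def build_sample_mht() -> str:
    """Constructed sample: an OLE-looking payload, zlib-compressed behind a
    50-byte ActiveMime header, base64-encoded into an application/x-mso part."""
    fake_ole = OLE_MAGIC + b"\x00" * 24 + b"constructed stand-in for a VBA project"
    blob = ACTIVEMIME_MAGIC + b"\x00" * (0x32 - len(ACTIVEMIME_MAGIC)) + zlib.compress(fake_ole)
    return ("MIME-Version: 1.0\nContent-Type: multipart/related; boundary=\"----=_B\"\n\n"
            "------=_B\nContent-Location: file:///C:/doc.htm\nContent-Type: text/html\n\n"
            "<html><body>lure text</body></html>\n"
            "------=_B\nContent-Location: file:///C:/doc_files/editdata.mso\n"
            "Content-Transfer-Encoding: base64\nContent-Type: application/x-mso\n\n"
            + base64.encodebytes(blob).decode() + "------=_B--\n")
```

    Run `triage_mht(build_sample_mht())` to see the constructed part reported as containing a recoverable OLE file; on a real sample, hand the returned bytes to an OLE/VBA parser for macro inspection.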



    ^ Check out the Angler malware kit … it's dropping all over the place. We are detecting it being dropped on hacked WordPress sites that weren't updated to the current version. Pretty wild stuff, as it both custom-creates and encrypts its package.



    Excuse me, what is the best way to remove a trojan when I get it on my PC?



    ^ Could be as simple as clicking a bad link in an email. If the web server was running/sending an exploit without a patch (or you didn't have the latest patches on your machine), you get owned in 2 seconds. If the attacker's payload/task list is scripted, once the connection gets established, the given process executes, and the attacker comes in and gets out. Wait, what was the question?

    Could be a virus that spread from an infected USB stick. Could be downloaded/installed malware. Could be that you have a downloader malware variant on your machine, so you are constantly getting new malware to host/use.

    …etc etc

    Install Emsisoft Emergency Kit and scan/remove anything it finds (it's free):

    Install Malwarebytes and scan/delete anything it finds (the free one):

    • This reply was modified 4 years, 8 months ago by OPsecJ.

    Franck KAMGAING

