Skip to main content

Malware Analysis And Research

Comments

Popular posts from this blog

Intro To Malware Analsys

Hi Folks, here I will analyze a malware which is possible packed with nspack. Details are below: SHA256: 5df0b1b07143c880c76d6e82253a20192981c83c3ea68bf86ffede6b17c01da4 File name: 5df0b1b07143c880c76d6e82253a20192981c83c3ea68bf86ffede6b17c01da4 First, we will do static analysis of the file. Using string utility: we see following things. most of the strings are obfuscated or encrypted content. we saw the strings like. nsp0 .nsp1. .nsp2.if  we google it we can know that it is a packer which based on NS packer. VirusTotal Analysis: Upon analysis using virus Total we saw detection 49 out of 55 which is a malicious in nature so we should unpack the malware because without unpacking the malware looks obfuscated and it is not possible to debug the instruction.it looks like below in IDA As we saw above we saw custom sections like ns0 ns1 ns2 and OEP starts with PUSHF PUSHA which is indication of a packer.we can confirm it

Top N Malware Analysis Tools

Hello folks, hope you are in good health in this lockdown. during my day to day work i invest time in reverse engineering, coding and some malware analysis. so thought to share these info which can help. A malware analysis and research are very trivial process for an organization to track down threats, malicious actors whose main intention to turn down organization’s reputation and economy. Also, this applies to government organization where they conduct targeted attacks like APT (Advance Persistent Threat). In general attacks can be combination of vulnerabilities, exploit and malwares . Security companies produces antivirus product, IDS, IPS, sandboxes and EDR products to track down those threats to protects organizations. An antivirus product contains both behavioral and signature-based even a combination of sandbox mechanism, which is given by security researcher to block these attack attempt A Malware researcher generally use both static and dynamic analysis of malware sampl