Author Topic: Malware Analysis Blogs  (Read 81219 times)


June 03, 2009, 05:54:53 pm
Reply #30

SysAdMini

Ruining the bad guy's day

August 11, 2009, 03:25:51 pm
Reply #31

Evilcry

Hi,

my second blog: http://evilcodecave.blogspot.com

Regards,
Giuseppe 'Evilcry' Bonfa'
Deep Root Never Freezes - Tolkien

August 21, 2009, 07:22:26 am
Reply #32

RS-232

Only for the "fun" of it...rs-232 aka sowhat-x aka younameit ;-)
http://www.youtube.com/watch?v=fADjY97_KTw

August 29, 2009, 03:21:50 pm
Reply #33

SysAdMini

xchg.info
http://xchg.info

There is an article "Build your own Malware Sample DB" using MDL
http://xchg.info/?p=353

and maybe sowhat-x can explain to him how the Fast Entropy works on PEiD.  ;)
http://xchg.info/?p=323

August 30, 2009, 01:55:47 pm
Reply #34

RS-232

Lol, I wouldn't really know that - I'm just the packers' collecting guy, making signatures and such - nothing more or less...  :)
Yet though - on the topic of Python code/entropy calculation etc., someone might wanna check Roberto Perdisci's pages:
http://roberto.perdisci.com/publications/publication-files/Perdisci_Lanzi_Lee-PRL08-public.pdf
http://roberto.perdisci.com/projects/cpexe

//Edit//
...here's some C++ code as well for studying:
http://gynvael.coldwind.pl/?id=158
http://gynvael.coldwind.pl/?id=162

September 23, 2009, 10:47:32 am
Reply #35

RS-232

Blast's Security Lab
http://www.sacour.cn/
Plus... (change date according to your needs, following are merely latest days' examples...):
http://www.sacour.cn/list/2009922.htm
http://www.sacour.cn/list/2009921.htm
etc etc...

September 23, 2009, 03:55:31 pm
Reply #36

RS-232

Securelist
http://www.securelist.com/ru/analysis
http://www.securelist.com/ru/weblog
From Kaspersky AV (use Google Translate or similar services):
quite a lot more articles than the English-speaking equivalent of Viruslist.com...

October 08, 2009, 03:04:47 pm
Reply #37

RS-232

EP_X0FF's Blog
From the author of Rootkit Unhooker, hosted over at rootkit.com:
http://rootkit.com/blog.php?user=DiabloNova

February 25, 2011, 11:28:43 am
Reply #38

john_

Info and some malware analysis:

http://cleanbytes.net

March 10, 2011, 09:35:23 am
Reply #39

ahelpyguy
