Introduction to Malware Analysis
From JST at Offensive Computing:
I have a folder (just over 300 megabytes/927 files) which contains a lot of malicious software. I uploaded it in case anybody wants to analyze it, or if anybody from anti-virus companies wants to detect it. A lot of it is already detected, but some of it is detected by some anti-viruses but not by others. There are all types of executable files (pif/exe/scr, etc.) and also some .jpg/.zip files which are really executable files renamed. There are also some HTML files, but a lot of those can just be ignored. Well, I uploaded it all anyway.
The password for the rar file is "malware"
http://www.megaupload.com/?d=KE19T9DI
As someone interested in learning malware analysis, this is a treasure trove of potential examples. Theory is great, and I love reading a good book, but having a third of a gigabyte of applications to rip apart and find the nastiness in really calls out to my "learn by doing" mindset.
I really enjoy the Offensive Computing site. These folks are really dedicated to what they do and have a ton of resources about their chosen specialization. So give their site a read, download their malware, and send me an email to compare notes.


4 comments:
Hmm, anyone want to take bets on how many users actually infect their systems while learning off these examples?
(Great resource by the way. I'll have to play once I get my virtual machine up and running.)
Fair enough. Perhaps a more extensive introduction to the malware analysis process is necessary. Good call, Steve.
Shit, I just crashed my laptop.
When I code a virus, I test it on a VMware image that I just blow away and reimage in seconds. Best way to analyze malware.