Group for Malware Analysts. Pinned message with resources and rules: https://t.me/MalwareResearch/38033
I saw it on Twitter quite some time ago
Anyway, in terms of contents, both sites have much overlaps
Hey, can anybody share some stuff regarding Kinsing Malware.
Hello, I need a cyber security expert for a paid mission
Has anyone come across The Paradox malware before?
Just wandered around on YouTube, another cheat - ok, drop in 3(?) stages
obfuscated .bat {Exploit UAC + WD}
7aa4dc47991ed55ce962b00d48f04ac8 (On anyrun)
https://app.any.run/tasks/3905f454-e0f2-4f4c-af7a-2aa33edb145a
C# dropper
f4d0884562f73348674470145b34b735 (On anyrun)
https://app.any.run/tasks/7d82ed21-930e-482c-82dc-d19a0cc431bd
It downloads a C# payload, a stub similar to a rootkit
https://www.virustotal.com/gui/file/35e9fc6d67be2d1c6b980631212a36788eb91b75e7d7ccd2abe34707d52eb735
There is only one working C2 left - https://fdute32sdajfsda.hopto.org/
Several people needed for joint cryptocurrency earnings!
Minimal time commitment.
Training provided.
Waiting for everyone interested!
Hello Nikhil, welcome to the Malware Research group! Please read the pinned message before you post!
Hey, can someone share some samples of GuLoader compiled in one zip?
Which LLM model did you use? How did you prompt it?
Did you give the model the source code and ask it to write an AST parser to do xyz?
First off, happy Diwali to everyone and their families!
Second, this is a blog post alert!
This one is about developing tooling to deobfuscate JavaScript malware using Abstract Syntax Trees (ASTs). We will look at:
● Removal of junk comments.
● Removal of junk unused variables.
● Simplifying function bodies.
● Signaturizing ASTs to auto-rename functions.
● Deobfuscating the recently reported MintsLoader malware.
Blog link: https://nikhilh-20.github.io/blog/deob_js_ast/
Disclosure: The tooling code was generated through an LLM. I provided the ideas and directed the model to create the relevant code. Without this assistance, it would have taken me longer to codify the concept, given that I'm not deeply versed in JS.
New FedBan
Fed: Libra's Empire
FedAdmin: alex 27
User: Orkhan Jalal
User ID: 5708493409
Reason: spam
Maldev Academy, Zero2Automated. The best way to learn how to analyze malware is to analyze malware - get Ghidra or IDA Pro, a debugger, a sandbox, look at samples and start playing around. Of course, learn WinAPI, C, C++, C#, assembly and more if you haven't yet.
oh, that's a cool new name, I didn't know about this site
Hello Marja, welcome to the Malware Research group! Please read the pinned message before you post!
User Oussama has 1/3 warnings; be careful!
Reason:
No paid job offers. Use @dfirjobs
New FedBan
Fed: Libra's Empire
FedAdmin: alex 27
User: Юрий
User ID: 1990400078
Reason: spam
Hello Mahbubor Rahman, welcome to the Malware Research group! Please read the pinned message before you post!
The free version of ChatGPT. I think it used gpt-4-turbo, I haven't checked.
An example prompt when I was working on removing unused variables:
Even the unused variables are showing up in the usedVars variable. I think the problem is that you're adding a variable to usedVars even for the declaration statement. Ignore declaration statements when updating usedVars.
Consider the AST of the following JS code:
var xcssnuyk = thatleft0sovereigntynever;
var thatleft0falklandwith = thatleft0sovereigntynever;
var thatleft0notscottish = thatleft0sovereigntynever;
As it turns out, only the first variable is used later in the code. The other 2 are basically junk code. How would you identify such junk code using the AST?
The AST:
...
The LLM did. I didn't even know the lib existed lol
Did you pick the esprima library or did the LLM pick it?
New FedBan
Fed: Libra's Empire
FedAdmin: Libra
User: Leviatan_09 😺
User ID: 716622107
Reason: spam
Hello Gabriel, welcome to the Malware Research group! Please read the pinned message before you post!