Group for Malware Analysts. Pinned message with resources and rules: https://t.me/MalwareResearch/38033
I often use the Medusa framework (which depends on Frida) to intercept and analyze how the malware app handles encrypted JSON objects sent by a fake C2. Maybe Medusa can intercept other kinds of C2 commands as well. Will look into it later.
Hi team! I'm looking for data breaches by domain, what do you recommend?
I think I can only recall sandboxes having it
as for getting it out, not really sure. the APIs may allow that info to be queried, or not
/warn read rules and use English for communication
Any free websites/feeds available where the latest malware is mapped to the MITRE ATT&CK framework along with other attributes like impact, domains/IPs used, etc.?
User Anil has 1/3 warnings; be careful!
Reason:
add a description to links
Can anyone tell me how to hack Android over WAN without ngrok, and how I can gain access again using Kali Linux
Hello, did anyone do a jailbreak for iOS 17.5.1? I need it to take a full filesystem image, then analyze it to see if it's infected or not
Some stealers in the marketplace also have hashes (public in research articles) when combined with other exes; I think when we extract the compressed files in it we find the exact stealer inside
That's new, do you have any sample download links?
Guys, I'm dealing with a bunch of stealer files named "node.exe". I guess it's a Node.js file; also some of them are Electron apps. Is there any means to deal with it?
One of them I just found is using *asar* which can be used to extract the actual code
Hi, any recommendations for an EDR with a friendly trial or free seats for learning?
Hi all. Has anyone analyzed the SpyMax Android RAT? I'm trying to trick a malicious APK by simulating the C2 in my virtual machine with a reconfigured network. The virus tries to initiate a connection with the server but does not fully establish it, that is, it is not possible to reveal the full functionality of the virus.
The main goal is to dump malicious traffic while the virus is running and reproduce remote actions on the phone. Please advise what I can try?
User Hamed has 1/3 warnings; be careful!
Reason:
read rules and use english for communication
don't update and wait for about 2 years and there MIGHT be a jailbreak for that version and device
New FedBan
Fed: Libra's Empire
FedAdmin: Libra
User: Unknown Mr
User ID: 6728884712
Reason: no skids
Haven't been into jailbreaking for a while. Does checkra1n not support every single version? If it's not maintained I'm sure there is a fork of it which does support iOS 17.x
And with the AZstealer-Build.exe in VirusTotal you found it as a stealer?
On GitHub there are 2:
https://github.com/ComodoSecurity/openedr
https://github.com/0xrawsec/whids
I use whids at home, but be careful how you configure it. I think I have a setting that backs up my VM, and it ate up all my storage space because of some detections, and I had to hunt that down
Hello Unkle, welcome to the Malware Research group! Please read the pinned message before you post!