malwareresearch | Unsorted

Telegram channel malwareresearch - Malware Research

Group for Malware Analysts. Pinned message with resources and rules: https://t.me/MalwareResearch/38033

Malware Research

any.run - I registered using my personal email
Malware Bazaar - I also used my personal Twitter

Malware Research

greetings fellas, I know I asked this question in the past: which malware sample site allows samples to be downloaded on a free tier?

Malware Research

For whoever got the freq 4 macOS malware research, check it out:
https://0xf00sec.github.io/0x22

Malware Research

Are there any jobs in malware analysis?

Malware Research

can you also check mine? I use only my own words and don't care about giving backstory, just straight-up writing what it does
https://basicacc.github.io/malware_analysis/MassLogger/7e3317f91f7d8e570800045ca8ba7e2ff136e0ea3621ed1deca8b7763b45f624.html
this is the latest one I analyzed, a few weeks ago, I don't remember honestly. Is this alright or do I need to be more formal?

Malware Research

Did you also use AI to write this too? 😭 (just a joke, no offence)

Malware Research

I like the concept, but it feels really heavy on the LLM part

Malware Research

Hello Alla, welcome to the Malware Research group! Please read the pinned message before you post!

Malware Research

generic detections work OK

paid Thor (by Nextron Systems) can probably detect more variants of it, but its generic rules should catch it pretty well

if unsure, generate your own shells and run Thor against your system

Malware Research

You would most likely be blocked by most

Malware Research

From what I see, it's the same as the open source one

Malware Research

New FedBan
Fed: Libra's Empire
FedAdmin: Libra
User: Rajesh R
User ID: 1269238954
Reason: no maldev

Malware Research

I've never heard of bypassing malware development courses

Malware Research

Hello everyone, any ideas how to open guidedhacking? It's not opening for me

Malware Research

Guys, I need support in downloading Godzilla webshells plz

5E54E53E70C0E3193BB9C48479F874D01338A1A8
B4B0EC3DD208D9FC27B7F6A6DBBE7B69CA275200

Malware Research

that does not need some sort of clearance

Malware Research

I am completely lost after it mentions "mark of the web"

I don't think it flows very well.

Another example: it installs the legit Homebrew. But I'm not seeing where that's being explained, how it happens, what leads to that

I didn't read the entire article since it's too confusing to read

One last thing: one IOC (cfocares) is mentioned as potentially malicious. So it wasn't analyzed prior to being added as an IOC?

Malware Research

Alright, thank you so much for the feedback, will work on it. ❤️

Malware Research

The flow seems clear, and you describe what you do. I think it will be clearer if you focus more on the formatting. Add headers, create paragraphs with a single focus, rather than lengthy ones which cover multiple topics. Nice work!

Malware Research

I think the blog's "soul" is missing because of it. It may contain the details, but it reads as if it is slop, because it's AI slop

Malware Research

Yeah! The wording was churned through an LLM.

Malware Research

Hey there! I recently wrote a blog on Medium: "Dissecting a macOS Malware Campaign."
https://medium.com/deriv-tech/brewing-trouble-dissecting-a-macos-malware-campaign-90c2c24de5dc

Malware Research

if free Thor doesn't detect it, it shouldn't be that hard to write your own detection rules. You can use their community rules and build on them, and perhaps contribute back

Malware Research

I really don't know why you insist on it

since it's open source, you can download and play with the tool and generate webshells of your liking

lab example: https://blog.csdn.net/zibery/article/details/124824833

someone experimenting with it: https://www.cnblogs.com/smileleooo/p/18178347

please use Google Translate or whatever translation tools that you like

one more hint: you will note that the cnblogs.com webshell contents are identical to VT's version, so it only means one thing...

there are also English writeups on it, though not on how to use it (I don't know why), but given that detection teams are capable of generating detections, that means you don't need the specific webshell, but the tool that generates it

and with that, you can come up with all kinds of combos for experimentation and generate the various use cases for detection, threat hunting, threat intelligence, etc

Malware Research

has anyone coded or used a port 25 email validator?

Malware Research

not able to find it with this hash... I need help with these 2 customized versions only

Malware Research

New FedBan
Fed: Libra's Empire
FedAdmin: Libra
User: Jinja jinja
User ID: 7040505425
Reason: no trading spam

Malware Research

I believe they block most of the countries

Malware Research

the webshell is open source

Malware Research

Forgot to share my latest blog for my employer here! It dives into automagic reverse engineering, based on symbol recovery using Ghidra, scripts, LLMs, and knowledge from the community!

Link: https://www.trellix.com/blogs/research/automagic-reverse-engineering/
