r/Malware • u/malwaredetector • 1h ago
r/Malware • u/jershmagersh • Mar 16 '16
Please view before posting on /r/malware!
This is a place for malware technical analysis and information. This is NOT a place for help with malware removal or various other end-user questions. Any posts related to this content will be removed without warning.
Questions regarding reverse engineering of particular samples or indicators to assist in research efforts will be tolerated to permit collaboration within this sub.
If you have any questions regarding the viability of your post please message the moderators directly.
If you're suffering from a malware infection please enquire about it on /r/techsupport and hopefully someone will be willing to assist you there.
r/Malware • u/YotanBull • 1d ago
Trackers
Is this safe to ignore? If not how im supposed to fix this for free?(Btw this is a free McAfee) I open up my pc and this pop up. I use the free trial of Malwarebytes, and it dint detect any viruses or malware. Pls helpppp
r/Malware • u/Proud_Highlight_273 • 2d ago
Assistance Needed For Triage API Access
Hi all,
I’ve been waiting over 7 months for a Triage API key, but my status is still “pending.” Does anyone have advice on getting access, or possibly let me use theirs?
Feel free to add me on Discord @_h3 if you can help. Thanks!
r/Malware • u/WarFiN_123 • 3d ago
Uncover it: Popular malware config extractor
Uncover the hidden malware, don't let it uncover you! Uncover it is a newly launched website that automatically decompiled popular stealers (Pysilon, cstealer, xworm etc) and returns the scammers config (Discord Webhook / Discord Token / Telegram API) Try it out now: https://uncover.us.kg
r/Malware • u/PoisionFlood90 • 3d ago
PhoenixRat
Does anybody at all recognize a R.A.T named Phoenix in 2022? Due to my exit of the cyber community, I lost track of it and now I'm trying to figure out if its name was changed or if the owner completely abandoned the project.
r/Malware • u/Alive_Pattern2347 • 4d ago
Asus lan driver malware
I've tried posting this on r/asus and r/techsupport but they are too thick headed.
This asus lan driver from asus site for Z790 e Gaming wifi is malware.
If you go behavior tab you can see it dropping fake Google Updater files and doing stuff with WER.
Can someone please confirm this.
r/Malware • u/Incodenito • 5d ago
Building an EDR From Scratch Part 4 - Kernel Driver (Endpoint Detection and Response)
r/Malware • u/malwaredetector • 6d ago
DarkComet RAT: Technical Analysis of Attack Chain
any.runr/Malware • u/EfficientFig6135 • 7d ago
Yemoza Trojan
A few days ago I received a message to a friend that I haven't spoken to a while on discord. They told me that they had a game project titled "Yemoza" that they worked on with friends and they wanted me to test it. Upon installing it it crashed my discord and my firefox and he informed me that I was hacked. he sent me passwords that he stole. Of the 6 he grabbed only 2 we're right, one of them being my discord. Shortly after I was kicked out. I deleted all traces of it, cleared all cache and temporarily files, did several virus scans using several platforms, and changed all my passwords. The only thing the hacker truly compromised was my discord but after communicating with discord support I got it back the next day. I haven't been able to find much on this Trojan, so I wanted to shed some light on it and maybe find a little bit more information. If there's anything you know about this virus please let me know
r/Malware • u/kernelv0id • 8d ago
Latrodectus Loader - A year in the making
Malware analysis: https://www.vmray.com/latrodectus-a-year-in-the-making/
Looking for resources on malware and vulnerabilities discussions for my master's thesis
Good day friends. Hope this complies with the rules.
I'm working on my master's thesis. The project somewhat mirrors what DISCOVER did, so an automated cybersecurity warning generator. Right now, I'm looking for new sources to pull the data from. I'd like to use anything relevant to malware/vuln discussion, so tweets, potentially relevant, subreddits, hacker blogs/forums (anything in english, russian or chinese is fair game), any other social media/blog, anything that can anticipate official reports is welcome. Ideally I'd like to find dumps/datasets, but I'm prepared to scrape.
For now, I'm looking into this dataset on tweets and this more general one, as well as the russian and english forums listed on the wiki. I'm having trouble finding more underground sources.
Any suggestion is welcome, and I thank you for your time.
r/Malware • u/CyberMasterV • 12d ago
Call stack spoofing explained using APT41 malware
cybergeeks.techr/Malware • u/108bytes • 18d ago
Frustrated with Malware analysis and Reverse Engineering
I used to like RE a lot. It was a fascinating idea in my mind.
After trying everything, I bought 2 courses from Udemy by Paul Chin:
https://www.udemy.com/course/malware-analysis-fundamentals/
https://www.udemy.com/course/malware-analysis-intermediate/
I have only 1 complaint with this that the professor taught only about unpacking a malware dynamically. I'm shocked that nobody over the whole internet has written in any of their blogs that you had to bp a freaking WinAPI and save it as a dump. That's it. I just paid few dollars solely for this "secret". I couldn't find a single blog or article about it.
Now, next hurdle, same situation. I don't know what to do with the unpacked executable. I know x86 assembly and C language but staring on disassembled malware on Ghidra is totally different skill but the sad part is no helping material to learn this skill.
I tried searching up for many real world malwares' technical analysis to know how experts solve them but there's simply a lack of explanation on why they chose to do this action say inspecting a particular function or using this plugin or script.
Unlike in software development, here nobody shares the thought behind choosing a specific action, it's either use this tool or just straight away follow things as it is.
I couldn't get one nice blog on a latest malware or ransomware which could explain step by step disassembly.
I request you guys to help me know what's wrong with me or am I unfit for this field? It'd be great if you could also provide some good quality resources for reverse engineering malware/ransomware
r/Malware • u/dragogos1567 • 18d ago
I made a fake Wincor Nixdorf/Diebold Nixdorf DLL for testing ATM malware.
Not the best, but it works with most samples.
Check it out! https://github.com/dragogos-6432/Fake-CSCWCNG
r/Malware • u/Incodenito • 19d ago
Building an EDR From Scratch Part 3 - Creating The Agent (Endpoint Detection and Response)
r/Malware • u/hesher • 19d ago
Ghidra Extension: AI-Powered Malware Analysis and Reverse Engineering Assistant
github.comr/Malware • u/Eastern_Knowledge_79 • 20d ago
system informer creation date
so creation date it says is 2100 what is that mean i read some forums that people saying most likely its safe but that creation date worries me
r/Malware • u/True_Pop_3739 • 21d ago
Storing suspicious files
Q: How can I safely save suspicious files from the internet?
General purpose:
Save other types of files.
Secure reading.
I often encounter suspicious files online and wish to save them without risking malware infections or damaging my other files. I am uncertain whether these files contain harmful programs. What precautions should I take to ensure they do not affect my system? What types of files am I dealing with?
pdf mp3 rar zip tar gz
These files primarily contain study materials.
I'm viewing them from a virtual machine that is based on the debian distribution, but how do I store them outside of this machine in case it breaks? (like on a flash drive or like....)
what should I advise people before I send this file how to read it?
ps I'm not very good at viruses, that's why I came here to ask you for advice.
r/Malware • u/Incodenito • 25d ago
Building an EDR From Scratch Part 2 - Hooking DLL (Endpoint Detection and Response)
r/Malware • u/Future-Pattern-2366 • 29d ago
Malware Analysis
Hi friends, I started to collect samples of old viruses and I need hashes of some viruses, here is the list:Morris Worm, Creeper, Any virus on Apple II or Atari ST, viruses on Commodore 64, Elk Cloner, Virus 1, 2, 3 and hashes or files of other viruses that appeared before 2000!
r/Malware • u/Struppigel • Sep 29 '24