How to identify malware: malware analysis

Discussion in 'Trojan and Viruses' started by fajolesi, Mar 17, 2018.

fajolesi (New Member):

    Hello friends, in this post I will show you the best way to understand malicious software. I have seen people on the forum relying on VirusTotal, but a VirusTotal scan never tells you anything definite. You do not need a lot of things like VirusTotal.

    Preparing the Machine for Malware Analysis Work

    1. Wireshark

    Wireshark is a program with many time-saving presets that lets network traffic be monitored through a graphical interface. Just as live network traffic can be monitored on the computer where the application is installed, Wireshark can also be used to examine previously saved capture files.

    RegShot: http://sourceforge.net/projects/regshot/
    ApateDNS: https://www.mandiant.com/resources/d ... dianthin-apatedns
    Process Explorer: http://technet.microsoft.com/en-us/s.../bb896653.aspx
    Process Monitor: http://technet.microsoft.com/en-us/s.../bb896645.aspx
    DbgPrint: http://msdn.microsoft.com/en-us/libr...=vs.85%29.aspx
    Wireshark: http://www.wireshark.org/download.html

    Tools for static analysis:
    Dependency Walker (depends.exe):
    PEview:
    PEiD: http://tuts4you.com/download.php?view.398
    Strings: http://technet.microsoft.com/en-us/s.../bb897439.aspx
    IDA: https://www.hex-rays.com/products/ida/index.shtml
    PE Browse:
    Resource Hacker:


    Tools Used for Dynamic Analysis:
    Immunity Debugger:
    WinDbg: http://msdn.microsoft.com/en-us/libr.../gg463009.aspx
    OllyDbg v1.10 (can be used instead of Immunity):


    Tools Used for Memory Analysis:
    Volatility:
    Memoryze: https://www.mandiant.com/resources/download/memoryze
    Windd:
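A worked illustration of what the static-analysis tools listed above (Strings, PEview, PEiD) actually do, written here as an added example and not code from fajolesi's post or from any of those tools: it hashes the file (the SHA-256 you would look up on VirusTotal), walks the PE section table, scores each section's entropy as a packer hint, finds which section owns the entry point, and pulls printable ASCII and UTF-16 strings. The sample PE is a synthetic stub constructed inside the script; the API-name list, the UPX name check and the 7.0 bits/byte threshold are assumptions for illustration, not an authoritative signature set.

```python
"""First-look static triage of a PE file, covering what Strings, PEview and PEiD
show: hash, section entropy, entry-point section and printable strings.  Added
example, not code from the original post; the sample PE is a synthetic stub."""
import hashlib
import math
import re
import struct

# Illustrative API names common in injectors/downloaders (an assumption, not a full signature set).
SUSPICIOUS_APIS = {"CreateRemoteThread", "WriteProcessMemory", "VirtualAllocEx",
                   "URLDownloadToFileA", "WinExec", "ShellExecuteA", "InternetOpenUrlA"}
ASCII_RUN = re.compile(rb"[\x20-\x7e]{4,}")          # same rule as `strings` (minimum length 4)
WIDE_RUN = re.compile(rb"(?:[\x20-\x7e]\x00){4,}")   # UTF-16LE runs, like `strings -u`


def shannon_entropy(buf: bytes) -> float:
    """Bits per byte, 0.0 .. 8.0; packed or encrypted data sits close to 8."""
    if not buf:
        return 0.0
    counts = [buf.count(b) for b in range(256)]
    return -sum(c / len(buf) * math.log2(c / len(buf)) for c in counts if c)


def extract_strings(data: bytes) -> list:
    """Printable ASCII and UTF-16LE runs, de-duplicated, in file order (junk from packed sections included)."""
    hits = [(m.start(), m.group().decode("ascii")) for m in ASCII_RUN.finditer(data)]
    hits += [(m.start(), m.group().decode("utf-16-le")) for m in WIDE_RUN.finditer(data)]
    out = []
    for _, s in sorted(hits):
        if s not in out:
            out.append(s)
    return out


def parse_pe(data: bytes) -> dict:
    """DOS header -> PE signature -> COFF header -> optional header -> section table."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    pe = struct.unpack_from("<I", data, 0x3C)[0]                  # e_lfanew
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    nsec = struct.unpack_from("<H", data, pe + 6)[0]              # COFF NumberOfSections
    opt_size = struct.unpack_from("<H", data, pe + 20)[0]         # COFF SizeOfOptionalHeader
    entry_rva = struct.unpack_from("<I", data, pe + 24 + 16)[0]   # AddressOfEntryPoint (PE32 and PE32+)
    sections = []
    for i in range(nsec):
        name, vsize, va, raw_size, raw_ptr, _, _, _, _, chars = struct.unpack_from(
            "<8sIIIIIIHHI", data, pe + 24 + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"), "va": va,
                         "vsize": vsize, "raw_size": raw_size,
                         "entropy": round(shannon_entropy(data[raw_ptr:raw_ptr + raw_size]), 2),
                         # IMAGE_SCN_MEM_WRITE | IMAGE_SCN_MEM_EXECUTE together: typical unpacker stub
                         "write_exec": (chars & 0xA0000000) == 0xA0000000})
    return {"entry_rva": entry_rva, "sections": sections}


def triage_pe(data: bytes) -> dict:
    pe = parse_pe(data)
    ep = pe["entry_rva"]
    entry_section = next((s["name"] for s in pe["sections"]
                          if s["va"] <= ep < s["va"] + max(s["vsize"], s["raw_size"])), None)
    strings = extract_strings(data)
    # PEiD-style heuristics: packer section name, near-random section (7.0 bits/byte is a rule of
    # thumb, not a hard boundary), entry point outside .text.
    packed = (any(s["name"].upper().startswith("UPX") or s["entropy"] > 7.0 for s in pe["sections"])
              or entry_section not in (".text", None))
    return {"sha256": hashlib.sha256(data).hexdigest(),            # the hash you would look up on VirusTotal
            "entry_section": entry_section, "sections": pe["sections"], "possibly_packed": packed,
            "api_hits": sorted(s for s in strings if s in SUSPICIOUS_APIS),
            "urls": [s for s in strings if s.startswith(("http://", "https://"))],
            "strings": strings}


def build_sample_pe() -> bytes:
    """Constructed PE32 stub (not real malware, not runnable): low-entropy .text, high-entropy W+X UPX1."""
    dos = bytearray(0x80)
    dos[0:2], stub = b"MZ", b"This program cannot be run in DOS mode"
    dos[0x40:0x40 + len(stub)] = stub
    struct.pack_into("<I", dos, 0x3C, 0x80)                                   # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 224, 0x0102)           # i386, 2 sections, PE32 opt hdr
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                                     # PE32 magic
    struct.pack_into("<I", opt, 16, 0x2000)                                   # AddressOfEntryPoint in UPX1
    sect = lambda n, vs, va, rs, rp, ch: struct.pack("<8sIIIIIIHHI", n, vs, va, rs, rp, 0, 0, 0, 0, ch)
    hdr = (bytes(dos) + b"PE\0\0" + coff + bytes(opt)
           + sect(b".text", 0x200, 0x1000, 0x200, 0x200, 0x60000020)          # code | exec | read
           + sect(b"UPX1", 0x1000, 0x2000, 0x1000, 0x400, 0xE0000040))        # data | exec | read | write
    # two NULs before the wide string, or the last ASCII byte pairs with the first NUL of "C\0"
    text = (b"\0".join([b"kernel32.dll", b"CreateRemoteThread", b"WriteProcessMemory",
                        b"http://c2.example.invalid/gate.php"]) + b"\0\0"
            + "C:\\Users\\Public\\svchost.exe".encode("utf-16-le") + b"\0\0").ljust(0x200, b"\0")
    chunk, packed = b"constructed-high-entropy-section", []
    for _ in range(0x1000 // 32):                                             # sha256 chain stands in for packed code
        chunk = hashlib.sha256(chunk).digest()
        packed.append(chunk)
    return hdr.ljust(0x200, b"\0") + text + b"".join(packed)


if __name__ == "__main__":
    for key, value in triage_pe(build_sample_pe()).items():
        print(key, value)
```

Run it against the built-in stub and the UPX1 section reports entropy close to 8 with the entry point inside it and write+execute permissions, which is the PEiD-style picture of a packed sample, while .text gives up the API names, the URL and the wide-string drop path. Notice that the strings list also contains four-character junk from the random section; that is exactly what Strings prints on a packed file, so short strings from high-entropy sections deserve little trust.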
     
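For the "previously saved files" side of the Wireshark paragraph above, here is an added example (not from the original post, and not Wireshark's or ApateDNS's own code) that reads a pcap file with nothing but the standard library and lists the DNS lookups and HTTP Host headers in it, which is the list of names you would feed to ApateDNS or a blocklist on the analysis machine. The capture is constructed in memory inside the script; the IPs, hostnames, timestamps and the beacon request are made up for the example.

```python
"""Offline triage of a saved pcap (the "previously saved file" case the post
mentions for Wireshark): list DNS lookups and HTTP Host headers.  Added example,
not code from the original post; the capture is constructed in memory below."""
import struct

PCAP_MAGIC_LE = b"\xd4\xc3\xb2\xa1"   # microsecond-resolution pcap, little-endian
PCAP_MAGIC_BE = b"\xa1\xb2\xc3\xd4"


def dns_name(msg: bytes, off: int) -> str:
    """Decode a DNS name at `off`, following RFC 1035 compression pointers (bounded)."""
    labels, hops = [], 0
    while msg[off]:
        n = msg[off]
        if (n & 0xC0) == 0xC0:                                # pointer to an earlier name
            off, hops = struct.unpack_from("!H", msg, off)[0] & 0x3FFF, hops + 1
            if hops > 16:
                raise ValueError("compression pointer loop")
            continue
        labels.append(msg[off + 1:off + 1 + n].decode("ascii", "replace"))
        off += 1 + n
    return ".".join(labels)


def parse_pcap(data: bytes) -> list:
    """One dict per DNS question or HTTP request found in an Ethernet/IPv4 pcap."""
    end = {PCAP_MAGIC_LE: "<", PCAP_MAGIC_BE: ">"}.get(data[:4])
    if end is None or struct.unpack_from(end + "I", data, 20)[0] != 1:
        raise ValueError("expected a microsecond pcap with LINKTYPE_ETHERNET")
    events, off = [], 24
    while off + 16 <= len(data):
        ts, _, incl_len, _ = struct.unpack_from(end + "IIII", data, off)
        frame, off = data[off + 16:off + 16 + incl_len], off + 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":    # IPv4 only; ARP, IPv6 etc. skipped
            continue
        ihl, proto = (frame[14] & 0x0F) * 4, frame[23]
        src, dst = (".".join(map(str, frame[i:i + 4])) for i in (26, 30))
        l4 = frame[14 + ihl:]
        if proto == 17 and len(l4) >= 20 and 53 in struct.unpack_from("!HH", l4):   # UDP to/from 53
            dns = l4[8:]
            if struct.unpack_from("!H", dns, 4)[0]:            # QDCOUNT > 0
                events.append({"ts": ts, "kind": "dns", "src": src, "dst": dst, "name": dns_name(dns, 12)})
        elif proto == 6 and len(l4) >= 20:                    # TCP
            body = l4[(l4[12] >> 4) * 4:]
            if struct.unpack_from("!H", l4, 2)[0] == 80 and body[:4] in (b"GET ", b"POST"):
                lines = body.split(b"\r\n")
                host = next((ln[5:].strip().decode("ascii", "replace")
                             for ln in lines if ln.lower().startswith(b"host:")), "")
                events.append({"ts": ts, "kind": "http", "src": src, "dst": dst, "host": host,
                               "request": lines[0].decode("ascii", "replace")})
    return events


def _record(ts: int, proto: int, src: str, dst: str, l4: bytes) -> bytes:
    """pcap record holding Ethernet + IPv4 + l4; checksums left zero (constructed test data)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0x1234, 0, 64, proto, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split(".")))) + l4
    pkt = bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb") + b"\x08\x00" + ip
    return struct.pack("<IIII", ts, 0, len(pkt), len(pkt)) + pkt


def _dns_query(name: str) -> bytes:
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\0"
    dns = struct.pack("!HHHHHH", 0xBEEF, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!HH", 1, 1)
    return struct.pack("!HHHH", 50000, 53, 8 + len(dns), 0) + dns          # UDP header + DNS


def _http_get(host: str, path: str) -> bytes:
    tcp = struct.pack("!HHIIBBHHH", 50001, 80, 1, 1, 5 << 4, 0x18, 8192, 0, 0)   # 20-byte header, PSH|ACK
    return tcp + f"GET {path} HTTP/1.1\r\nHost: {host}\r\nUser-Agent: Mozilla/4.0\r\n\r\n".encode()


def build_sample_pcap() -> bytes:
    """Constructed trace (not real traffic): two lookups, then an HTTP beacon to the resolved host."""
    return PCAP_MAGIC_LE + struct.pack("<HHiIII", 2, 4, 0, 0, 65535, 1) + b"".join([
        _record(1700000000, 17, "10.0.0.5", "10.0.0.1", _dns_query("c2.example.invalid")),
        _record(1700000001, 17, "10.0.0.5", "10.0.0.1", _dns_query("update.example.invalid")),
        _record(1700000002, 6, "10.0.0.5", "203.0.113.10", _http_get("c2.example.invalid", "/gate.php")),
    ])


def contacted_hosts(data: bytes) -> list:
    """Distinct hostnames in order of first appearance: what you'd feed ApateDNS or a blocklist."""
    hosts = [e.get("name") or e.get("host") for e in parse_pcap(data)]
    return list(dict.fromkeys(hosts))


if __name__ == "__main__":
    for e in parse_pcap(build_sample_pcap()):
        print(e)
```

Point parse_pcap at the bytes of a real Wireshark save (open the .pcap in binary mode) and the same fields come out; captures saved as pcapng or with nanosecond timestamps have a different magic and are rejected on purpose rather than misparsed. The DNS decoder follows compression pointers, which only matter for responses, so the same routine can be extended to answer records if you want to pair each name with the address the sandbox resolved it to.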
