linuscomex Posted August 18, 2011
Hi all, please help me with virus reverse engineering and finding virus source code through reverse engineering
evlncrn8 Posted August 18, 2011
Alarm bells ringing... Give one good reason please...
evlncrn8 Posted August 18, 2011
It's not usually that simple, first you usually have to be able to reverse engineer very well, then you move on to viruses and malware.. This is typical and done to stop script / virus kiddies getting new viruses and malware
linuscomex Posted August 18, 2011 Author
Can you put a tutorial on virus reverse engineering here for all?
evlncrn8 Posted August 19, 2011
Nope, I can't. Have you actually even done reverse engineering before? Cos writing an anti virus (your plan.. right?) is not that easy.. drivers are involved etc. and it requires a fair amount of technical knowledge and expertise..
KpochMx Posted September 2, 2011
Viruses are like other programs with malicious instructions, so download a virus (not hard),
* Load it in OllyDbg on a VMware XP machine (just to be safe, and use DeepFreeze)
* Download RegMon and FileMon to see what is written to your computer when opening the .exe
* Check that file's registry and file changes in OllyDbg; most viruses modify the registry to autostart and change explorer.exe
Write down your advances and move on to more complicated viruses like fake antivirus
Jaymz Posted September 3, 2011
> Hi all please help me to virus reverse engineering and find virus source code Through reverse engineering
Not sure if I should do this, but .....
http://www.opensc.ws/trojan-malware-samples/
http://zeltser.com/combating-malicious-software/malware-sample-sources.html
http://www.offensivecomputing.net/
..should get you started..
edit: oh, btw.. you have to register on the offensivecomputing site, and you have to state reasons why they should grant you access to their huge DB.. If they accept it, you will be validated and given access.. ..but if that's your answer, forget about it.
Edited September 3, 2011 by Jaymz
chickenbutt Posted October 23, 2011
Trash Olly and go with IDA.. static analysis and hex dump cross-references are the only reliable way anyways. You'll also need it for RISC binaries.