Questions tagged [malware-detection]

Malware detection relates to any form of discovering whether or not a file contains undesired instructions that would perform malicious actions, ranging from stealing information or directing users to unrequested actions to damaging the hardware. Detection attempts to discover malware without allowing it to execute; for this reason, most detection methods search for "footprints", i.e. sequential binary code in its instructions.

233 questions
0 votes, 1 answer

How to detect the JavaScript-injected suspicious file in my WordPress post?

Detected potentially suspicious content from the website malware scanner. It shows some code from the scan results: https://scanner.pcrisk.com/detailed_report/pragmaticwebmedia.com#details But I'm unable to find the script on my site. How to delete the…
Vijay
0 votes, 1 answer

How to fix this md5 scanner not removing infected malware files?

I'm doing a QC check on my finished md5 malware scanner using a Hyper-V VM running Windows 10. The scanner didn't remove the malware samples supplied from https://virusshare.com whose hashes were contained in the scanner database and were…
0 votes, 0 answers

Calculating number of times each IAT was called from PE

I am trying to calculate the number of times each IAT-import address table was called by a PE. It is like this: counter=0 for entry in file.DIRECTORY_ENTRY_IMPORT: print (entry.dll) for imp in entry.imports: print ('\t',…
0 votes, 1 answer

Is controlling windows not owned by your process considered a malware activity?

I am planning to follow one of the suggestions made here to control window dimensions, hide/show and bring to front of a window owned by a different process from my process. Window manipulation using window-handle from different process on MS…
0 votes, 1 answer

WordPress website redirecting to sslgateway.com

A WordPress website is getting redirected to sslgateway.com while browsing from mobile. I have downloaded all the files and searched for malicious code, but couldn't find anything. Has anyone been affected by this before?
Akhilesh
0 votes, 0 answers

Manipulation of eit by calling isDebuggerPresent

Found a nice code snippet (https://github.com/invictus1306/Anti-debugging-techniques/blob/master/anti-debugging.asm) for anti-debugging mechanism in asm. My question is about following snippet: ;IsDebuggerPresent first -…
0 votes, 0 answers

Identification of encryption in Python programs

I need to identify if a Python program does some sort of encryption during its execution. I have tried some approaches (I'll sort by difficulty level): The source code of a program in Python can have synonymous words that can identify some…
0 votes, 1 answer

Installing cuckoo on a separate network?

I am wanting to analyze malware using cuckoo https://cuckoo.sh/docs/introduction/index.html. I understand the installation but I want to make sure my host and guest cannot infect my network. I have a virtual machine inside the network that I plan to…
Murphy
0 votes, 1 answer

Wordpress Favicon Malware

favicon.ico malware wordpress. One of my client's WordPress websites is affected with malware. The affected files are the root index.php and wp-settings.php, and some .3433232.ico files were created in WordPress.
0 votes, 1 answer

MISP automation key

So I'm trying to automate the script that sends curl requests to the MISP API (misp-project.org). The problem is that there is an API KEY which should be in every request, and you can get it only by manually copy-pasting it into your script from…
iceone213
0 votes, 1 answer

Detecting Malicious Web Pages using Machine Learning

I'm looking to develop an application which will detect malicious web pages. I'm thinking of a browser extension. So, I started to look for some research papers and found the below one. A Deep Learning Approach to detecting Malicious Javascript code…
Thunder Kay
0 votes, 1 answer

DLL/exe Injection into running process

Is it normal to inject a DLL or exe program into a running process? After injection, I'm able to read process memory showing the injected DLL/exe contents.
0 votes, 2 answers

HTTP fails on Inetsim

I'm trying to set up a malware analysis lab, following the instructions found here: https://blog.christophetd.fr/malware-analysis-lab-with-virtualbox-inetsim-and-burp/ In setting up inetsim to simulate internet protocols, I keep getting "http_tcp_80…
SVill
0 votes, 0 answers

Force execution only of .php scripts?

Is there a way to configure your server in a way that it will execute only scripts with the .php extension? This makes things easier when looking for malicious code in your folders. Possible? Is this the default? Would this work also with includes?
Riccardo
0 votes, 1 answer

Cuckoo permission denied for .vmx file on a Mac OS Host

I am facing an issue when I try to run the cuckoo sandbox after all the installation. Host Machine: macOS machine with VMware Fusion running. Guest : Windows VM I installed the Cuckoo Sandbox in a virtual environment within macOS. I did edit the…