Malware detection relates to any form of discovering whether or not a file contains undesired source instructions, that would perform malicious instructions, ranging from stealing information, directing users to unrequested actions, or even damaging the hardware. Detection attemps to discover malware while not allowing it to be executed, for this reason, most detections search for "footprints", i.e. sequencial binary code in its instructions.
Questions tagged [malware-detection]
233 questions
0
votes
1 answer
Antivirus software flagging encryption code as malware
My WPF .NET 4 application has several things going against it, from a malware identification perspective:
It must run directly from a thumb drive
It must allow the user to set device security tied to the host computer
Once device security is set,…
Bruce Pierson
- 567
- 7
- 11
0
votes
1 answer
Auto install programs in cronological order
I wanted to know if i can automate the installation and automatically run programs as soon as i plug in the usb... or maybe clock on an auto-run file.... I'm basically trying to auto run malware removal program (multiple programs) and tell the…
RGK1stLuPZZHole
- 3
- 1
0
votes
2 answers
Determining the country of origin for an exe/dll file
I have a doubt, as to how does one come to the conclusion that an exe/dll is from a specific country? Is there a field in the PE structure that saves this information?
I know that such information(timestamp etc.) can be overwritten and there is no…
rebel87
- 533
- 1
- 4
- 9
0
votes
2 answers
Detect if malware is tampering with website
Is there a way to detect if the HTML DOM is being modified by malware on the end user's system? I have a HTTPS protected website and recently encountered a support call where the user was seeing advertisements in my website. I have no ads in my…
user1625066
0
votes
1 answer
How to remove JS:Illredir-S [Trj] (virus) from website?
My website www.edesimusic.net and www.juraatmedia.com is infected with JS:Illredir-S [Trj] malware. My site keep on getting infected with some redirects or js scripts or iframe script, after cleaning them I change my passwords and it comes again…
Rizwan Aaqil
- 45
- 2
- 10
0
votes
1 answer
Malware on CentOS
I've got an abuse message from Spamhouse with following:
The host at this IP address is currently being used to distribute malware.
Malware distribution located here:
http://xxx.xx.xx.xxx:8080/get/get.php
Where http://xxx.xx.xx.xxx is our…
webbear
- 429
- 1
- 6
- 12
0
votes
1 answer
Donot know how to find the Address of DllMain?
I'm newbie in analyzing Malware. I've installed IDA pro to analyze an malware by name LAb-5 01.dll
As soon as i entered i've loaded the .dll file .But i donot know how to find the address of dllMain.Any help will be appreciated.
sam
- 83
- 1
- 9
0
votes
0 answers
What is the relation between binary(executable) instructions and execution instruction
What I want to know is that is there any similarity or may be difference between a binary instructions and an execution instruction of a binary?
In other world, in area of malware analysis a binary can be examined in both static and dynamic…
Alex
- 303
- 1
- 6
- 17
0
votes
1 answer
What strategies are there to prevent possible unwished behavior of external/bought code?
I want to start a project, technically based on the code of another project -- a clone. E.g. a forum or an online shop, whatever. I'll buy the code base. But then it's theoretical possible, that the developer/seller is able to manipulate something…
automatix
- 14,018
- 26
- 105
- 230
0
votes
1 answer
Website seems to be infected by JPG:PHPAgent-A [Trj]
i am trying to find malware infection in my site (Joomla 1.5.26) but i can not find anything suspicious.
Scanned online in several places as also searched in the filesystem!
Anyone with any ideas why my antivirus (avast) is keeping telling me that…
thanili
- 777
- 4
- 26
- 57
0
votes
1 answer
finding malware in 2 different files of the same program
So this is an intro class I am taking in reverse engineering.
So I have two files that are the same program and one is supposed to have a trojan in it.
I looked at both files and have found some very odd things. However, I don't have reasons as to…
user3419132
- 21
- 1
- 2
0
votes
2 answers
I can't check malware in google webmaster tools
I'm trying to ask for a malware review for a website I made, but google webmaster tools has the following message :
Security Issues
We haven't detected any security issues on your site. If you need more information on security issues related to…
Thoma Biguères
- 1,136
- 4
- 18
- 42
0
votes
1 answer
Stack Overflow Required external JavaScript Issue
I received this error message "Stack Overflow requires external JavaScript from another domain, which is blocked or failed to load" and was unable to comment (and more) in stackoverflow. There were lot of fixes in internet. Sometimes too many…
Ravi
- 578
- 1
- 5
- 15
0
votes
2 answers
Website malware
few days ago I've noticed that my site has a malware warining on Google. So now I have found what caused the problem, and removed the bad scripts, but the malware warning is still showing. Can anyone tell me what should I do next to remove the…
Darko Petkovski
- 3,892
- 13
- 53
- 117
0
votes
1 answer
Launch application from adb without knowing intent, package, and activity
As a part of a research project, I'm doing method profiling work on a bunch of android applications identified as having malicious code in them. To automate the process, I've made a batch file and a java executable to decode, add the…
Mike
- 662
- 3
- 13
- 27