Malware detection relates to any form of discovering whether or not a file contains undesired instructions that would perform malicious actions, ranging from stealing information and directing users to unrequested actions to damaging the hardware. Detection attempts to discover malware without allowing it to execute; for this reason, most detection searches for "footprints", i.e. sequential binary code in its instructions.
Questions tagged [malware-detection]
233 questions
3
votes
2 answers
When does Google mark a file as malware?
I have a couple of JS files including jQuery in my website.
Google says:
The last time Google tested a site on this network was on 2013-02-14, and the last time suspicious content was found was on 2013-02-14.
Do you have any idea in what conditions…

Somnath
3
votes
2 answers
Signature scanning
Many antivirus programs use signature-based malware detection. Here is creating signatures for ClamAV. I can understand how they create signatures considering that the whole file is a malware, but I couldn't understand how to find malware when it…

Lando
3
votes
3 answers
iFrame Injection Attack Followed us to New Server
A few months ago, a hidden iFrame started showing up on every page on every site on our dedicated server. When we took the sites down for maintenance with a 503, the iFrame was still there on the down for maintenance page. Eventually, the host…

Roy Nylund
2
votes
2 answers
Python script to detect malware website or procedure to detect malware on a website?
I am very curious to know how malware detection techniques (like Google's Safe Browsing) work. Googling does not help my cause. I found something called cuckoobox which does such things.
How exactly does malware detection of a website work? What may be…

Tauquir
2
votes
1 answer
Python FileNotFoundError with os.listdir(sys.argv[1])
Building a malware classifier for a class and I am just trying to implement a loop that goes through every file in a folder using os.listdir() and I specified that the folder is the given argv. I have been stuck on this problem for hours but I can't…

Vyxxen
2
votes
2 answers
Is there any way to decode this malware code from infected file?
I'm trying to decode these lines below inside "",
WriteBytes objFile, "5 240 23 65 0 68 210 237 0 136 29 26 60 65 203 232 214 76 0 0 104 224 218 64 255 232 216 164 0 0 131 196 4 83 28 35 104 76 64 65 0 203 252 252 0 0 139 85 12 139"
WriteBytes…

tester2020
2
votes
2 answers
Windows Defender detects Trojan:HTML/Phish.PH!MTB in a simple HTML file
I have two laravel-mix projects which I made for a client, with packages like jquery, bootstrap, sweet alert installed through npm. Nothing complicated.
I worked on the first project for a couple of weeks and cloned it into another directory and…

chuysbz
2
votes
1 answer
AMSI: perform malware scanning of large files by chunks
The AMSI has the function AmsiScanBuffer for scanning a byte array. But in that case the content of the whole must be read to memory, which may be impossible for large files. The AmsiScanBuffer function has the parameter amsiSession, which is intended to be used…

Gennadiy Falatiuk
2
votes
1 answer
What this software trick to list current process and write memory with current function that not documented
Can someone explain why this software can list all processes and write to a process without using any API function that is related to that specific task? Or with the current function can do those things. The software is called ArtMoney. It's a memory editor…
user9084543
2
votes
1 answer
Cryptolocker Honeypot FileSystemWatcher
I am a novice when it comes to scripting so please bear with me. I am trying to create a script that will monitor a bait file that is added to all file shares on a server. When the script sees that the file was modified it will block access to the…

taylor.itnow
2
votes
1 answer
Identifying if code injection occurred (JollyWallet, etc)
We are looking to alert a user if code injection has occurred while the page is loading. We are having an issue where JollyWallet injects code and causes a SCRIPT block to remain open. Of course our code is in that SCRIPT block.
Here is what we…

Walter
2
votes
2 answers
Avast JS:Pdfka-PK infection warning with jQuery.min.js but jQuery.js works good
On our client site we got Avast JS:Pdfka-PK in one of our pages which has an swf file. And Avast is not allowing us to open this page at all. I already spent one whole day and am not sure where the issue is.
Any help is greatly appreciated. Thanks in…

Dilip Rajkumar
2
votes
2 answers
Speed up image conversion times
If this is a newbie question, forgive me. I have coded a PHP file uploader. After hearing that hackers could attach/disguise code to images to infect sites, I got an idea to solve that problem. To convert the upload image to another file format…

mcfish
2
votes
1 answer
How is heuristic-based virus detection possible?
The Halting Problem states that it is impossible for one program to predict the output of another, or whether it will terminate.
That got me thinking... how do heuristics-based scanners decide whether a given executable program's instructions are…

Govind Parmar
1
vote
1 answer
PHP: detect which script is calling header();
I'm trying to find malware that's causing a redirect on a website. Most probably it's using header("location: ...") so I'm wondering, is there a way to determine which script file is calling the header()?
Any help is appreciated.

Nasko