Malware detection covers any method of discovering whether a file contains undesired instructions that would perform malicious actions, ranging from stealing information and directing users to unrequested actions to damaging the hardware. Detection attempts to discover malware without allowing it to execute; for this reason, most detection methods search for "footprints", i.e. sequential binary code in its instructions.
Questions tagged [malware-detection]
233 questions
1 vote, 3 answers
Code to search for a specific code in any file in a directory and subdirectory
Ok, I am pretty new to php but I know it can read directories and files.
I have been struggling with malware problem on one of our sites and I need to write a script to search for it on my host space.
The code the hackers are putting in the files is…

mindmyweb
1 vote, 2 answers
Google Adwords has disapproved my Campaign due to Malware, but I cleaned the code
I'm running a node.js app on a VPS and my advertising for that app was stopped, because Google Adwords has flagged my site for malicious software.
I've contacted them and they said it was because of an image that was sourced from a malicious site.…

Ansjovis86
1 vote, 2 answers
Can someone explain the Windows ZwMapViewOfSection system call so that a noob (me) can understand?
I'm investigating a set of Windows API system calls made by a piece of malware running in a sandbox so that I can understand its malicious intent. Unfortunately, I'm struggling to understand the ZwMapViewOfSection function described in…

H3G3moKnight
1 vote, 0 answers
Download Malware samples by searching hash values
I am conducting research to download ransomware samples, in order to analyze them. The challenge lies in downloading the ransomware binaries.
I have gone through various websites, such as virusign, malshare and malwr, and downloaded more than 60000,000…

ahmad azab
1 vote, 1 answer
Why does malware virus site use multiple link jumps?
Recently I found a new kind of malware site: it only attacks Android phones, and it looks normal from a PC. And it successfully avoided all malware detectors.
To see how it works, take a look at site: www.mfflag.com
In the beginning of the html, it has a…

bugs king
1 vote, 1 answer
How to extract features from linux kernel?
I'm working on a project which detects malware based on Machine Learning techniques. My primary targets are linux devices. My first question is:
How can I extract data about processes from a linux kernel using a kernel driver?
I'd like to extract…

akyayik
1 vote, 1 answer
signature based vs behaviour-based malware detection
I understand the difference between the two as follows:
In the first, 'the signature-based', the code of the malware will be examined to extract some sort of signature that identifies malware with similar code... the signature thus can be a binary…

Ophilia
1 vote, 1 answer
How to clear pending analysis in Cuckoo sandbox platform
I am testing malware detection on guest VM using Cuckoo sandbox platform. To speed up the analysis, I want to remove pending analysis but keep completed analysis.
Cuckoo has a --clean option but it will clean all tasks and samples. Can you think of…

Cindy
1 vote, 0 answers
Android detect sdk suspicious behavior
My android app uses different sdks which are used as 'black box'.
I want to detect suspicious behavior in these sdks, for example if they are using internet connection and which url they connect to.
Is there a programmatic way to detect if the…

Jonny
1 vote, 1 answer
Cuckoo file analysis issue
When submitting a binary for analysis in cuckoo, it doesn't appear to do anything. I am able to ping between the VM and host OS (Ubuntu 14.04 LTS), python 2.7 and PIL are installed on the VM (Windows 7 32bit). Cuckoo is able to spin up the VM…

cuckoo_user
1 vote, 0 answers
Prevent malware ads redirects on mobile website
I have a problem with malicious ads on my mobile website, which redirect the user to the app store. Mainly on the android browser and Safari for iOS.
Is there a way to block redirects, e.g. using javascript?
Maybe some event with preventDefault()…

Kuba
1 vote, 2 answers
Download of Clickonce Application in Chrome marked as Malicious File
It seems that the latest update of Google Chrome 44 to 45 is blocking clickonce applications.
Our clickonce application is working fine and is in production for over weeks.
This morning we got reports that when users tried to download our…

Elia Franke
1 vote, 1 answer
How do I check a 3rd party Python utility library for malware?
I'm very new to programming and I'm trying to find a program or method to pull out all file names, sheet names, and count the rows of data per sheet from all the Excel files in a single folder. Thus far, I've entertained mostly Excel approaches, but…

kungFuCoder
1 vote, 1 answer
Preventing a PHP cross-site infection
In the past, I've seen a cpanel account (with addon domains) getting infected from an outdated wordpress installation and spreading itself to other domains since all addon domains were included under public_html folder.
ie.…

jeejee
1 vote, 1 answer
Behavioural part in cuckoo analysis report empty
I analyzed a malware sample
SHA1 : 0bd0a280eb687c69b697d559d389e34d4fad02b2.
The result generated by cuckoo doesn't contain any information about Behavioral analysis. I analyzed the same malware on malwr.com and it's showing the behavioral part…

user1683894