Questions tagged [malware-detection]

Malware detection relates to any form of discovering whether or not a file contains undesired instructions that would perform malicious actions, ranging from stealing information or directing users to unrequested actions to damaging the hardware. Detection attempts to discover malware without allowing it to execute; for this reason, most detections search for "footprints", i.e. sequential binary code in its instructions.

233 questions
1
vote
3 answers

Is it possible to implement heuristic virus scanning in Python?

I am trying to create a virus scanner in Python, and I know that signature based detection is possible, but is heuristic based detection possible in Python, ie. run a program in a safe environment, or scan the program's code, or check what the…
user3429036
1
vote
1 answer

Is there a BLACKLIST Database available containing a list of MD5 digests of malware?

Is there a free or commercial blacklist that I can feed a software that classifies files for being malware?
Mr. Nun.
  • 775
  • 11
  • 29
1
vote
2 answers

hooking, dll injection and thread safe

When I'm overwriting the first opcodes of a function with the jmp opcode, I'm actually writing 5 bytes (or 2 for jmp short). But what if another thread (from the same process) will call this function while I'm changing it? This will cause…
1
vote
4 answers

Good source to learn about virus and other security tools?

Anti-virus, malware, botnets and the like are becoming larger and larger parts of our daily lives. Are there any resources that discuss creating anti-virus tools, security tools and such? Seems like an interesting topic, but I have not been able to…
RiddlerDev
  • 7,370
  • 5
  • 46
  • 62
1
vote
1 answer

Minimum length of virus signatures

I haven't found information about this anywhere. Is there a minimal required length for virus signatures? I've read in a book by Peter Szor that for 16-bit applications 16 bytes is enough even to avoid false positives. Is there an equivalent minimum for…
Samuel
  • 2,430
  • 5
  • 31
  • 41
0
votes
4 answers

Wordpress Security Malicious Software

My WordPress has been working fine (it is updated), and then this morning I got a warning from Google about visiting my site. When I clicked on the details I got the message below. I went and disabled my comments altogether. Deleted plugins that I…
0
votes
0 answers

Siteground detects malware in SimpleCaptchaClass.php file

Siteground detects the following as a suspicious PHP file. Can you please assist on how to resolve this? Source code - https://pastebin.com/pzbhRyWu
0
votes
0 answers

PEStudio unable to analyze certain malware samples - grayed out sections with '(wait)', why?

I had several malware samples and used PEStudio for static analysis. Some samples worked very well, but there were other samples that PEStudio could not analyze. Very few sections in PEStudio are grayed out and have "(wait)" beside them (an example is this…
0
votes
0 answers

Android Malware Static Analysis - Androguard

TypeError Traceback (most recent call last) /usr/lib/python3.10/codeop.py in call(self, source, filename, symbol) 116 117 def call(self, source, filename, symbol): --> 118 codeob = compile(source,…
0
votes
0 answers

API Breakpoints not hitting while debugging a malware using x32dbg

I have been having a really strange issue which I have tried all ways to troubleshoot from my end but was not successful. I am going through a malware analysis course and following the debugging process of the trainer in the video, when I am trying…
0
votes
1 answer

AttributeError: 'PE' object has no attribute 'resources' - resources_nb = len(pe.resources) PEFILE

I am new to using PEfile. I actually started working on it for a project. I wrote code in Python to extract the following from an executable file ('Name', 'md5', 'Machine', 'SizeOfOptionalHeader', 'Characteristics', 'MajorLinkerVersion',…
0
votes
0 answers

Does Google reCaptcha have malware on it?

I'm using Google reCaptcha on my client's website, and from Avast I am getting an alert as in the image below. Is it possible that reCaptcha has some threat on it? Or if not, what should I do to tackle this issue?
0
votes
0 answers

What is the need for a phishing threshold when there is already a term called PCL (Phishing Confidence Level)?

Here are references to what I'm talking about. (https://i.stack.imgur.com/6MhPR.png) (https://i.stack.imgur.com/B9lbj.png) (https://i.stack.imgur.com/4eoni.png) I need a clear explanation for the need of a Phishing threshold, when there is already Phishing…
0
votes
2 answers

Monitoring Windows API calls using system wide hooks

I am trying to monitor Windows API calls. I have read about it and found there is no easier way to monitor API calls system wide than by using kernel drivers. I was wondering if there is any other method to do this system wide? Also if anyone knows…
0
votes
0 answers

How can I detect which Android native function is hooked by Cydia Substrate's MSHookFunction?

I want to detect the hook behavior of MSHookFunction on Android but have no idea yet. This is the Cydia Substrate I use in my test app: https://github.com/Breathleas/Android-Hooking-Template-Cydia-Substrate/tree/master/jni/Substrate After the function hook completes.…
Ken Kem
  • 635
  • 1
  • 6
  • 13