Malware detection relates to any form of discovering whether or not a file contains undesired source instructions that would perform malicious actions, ranging from stealing information and directing users to unrequested actions to even damaging the hardware. Detection attempts to discover malware without allowing it to be executed; for this reason, most detections search for "footprints", i.e. sequential binary code in its instructions.
Questions tagged [malware-detection]
233 questions
0 votes, 1 answer
Which Roblox/LUAU classes can have malware/scripts hidden inside?
Which Roblox/LUAU classes can have malware/scripts hidden inside? Which classes will still be executed as a script? Which classes cannot contain a malicious script? Audio?
Since the complaint has been made that it's not clear what I'm asking, I've…

GAM II
0 votes, 1 answer
Google safe browsing API not returning threat URLs
I'm sending requests to the Google safe browsing API. I believe I'm following their documentation correctly. I've tried regenerating my key.
I'm sending the request below
POST…

Mr J
0 votes, 0 answers
Got a random file named imgres.html
So I was opening Visual Studio Code and I saw that I have a new HTML file that I don't remember having previously. It is 247,365 characters and 4,354 words.
Does anyone know what this is? (It also includes JS.)
I can't send the code since the limit is…
0 votes, 2 answers
How to solve "[Winerror]:10054 An existing connection was forcibly closed by the remote host"?
I am trying to fetch the JSON response using the VirusTotal API. To fetch the results as a response I have created a Python script, which is shown below: Then the error shows like this: [Winerror]:10054 An existing connection was forcibly closed by…

Akshay Mewada
0 votes, 1 answer
How to write Yara script that creates a rule to match/detect strings contained within a file to another directory which contains a lot of such files?
The malware is of PE type. Use the magic bytes for this file type.
To create a rule with a lot of strings it may be useful to write a script that creates the rule for you.
The strings found through intelligence may be present in other files in…

Tapan Jatakia
0 votes, 1 answer
How to find the Cross reference of a function or a string using r2pipe?
I am working on a malware detection project where I am using both radare2 and r2pipe. I know how to find the cross references of a function and string with the help of "axt @function_address/string_address" command. But the problem is that same…

RAMA
0 votes, 1 answer
Avoid Antivirus detection C++
For a school project, I'm developing a tiny malware that replicates itself and autoruns with reg keys.
I want my program to set a reg key to autorun, but when I do it Windows Defender detects the RegSetValueExA function from windows.h. I also want my…

Sad1que
0 votes, 1 answer
Understanding a Composite Document File V2 Document Malware file
I have a malware to analyze with md5sum - 000cbfb28e750f2e321551c03e4fe488
When I run file {malware-file-name} it shows :
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.3, MSI Installer, Last Printed: Fri Dec 11…

achal
0 votes, 1 answer
Launch an external JS engine with forwarding data from the browser
I want to analyze a large and confusing JS code. The code is heavily obfuscated and even tools like JStillery cannot work with it.
I would like to somehow build one of the open JS-interpreters, run it outside the browser and debug in more…

bukkojot
0 votes, 1 answer
Is the digital certificate of a PE (Portable Executable) file in the overlay of the file?
Is the digital certificate in the overlay of the file, or is the digital certificate outside of the file?
0 votes, 1 answer
Decoding a Payload using GitHub Decoder Script
Abstract:
I am analysing a pcap file with live malware (for educational purposes), and using Wireshark I managed to extract a few objects from the HTTP stream and some executables.
During my Analysis, I found instances hinting Fiestka Exploit Kit…

AAJJ
0 votes, 2 answers
How do I make installed antiviruses detect a program?
I'm trying to make a program that gets detected by almost all antiviruses, but the program shouldn't do anything to the computer. I am attempting to get a trojan/rat/worm false positive, but if I put rats I made into the system, it doesn't alert the…

Dubstep
0 votes, 1 answer
Which of this program can be multithreaded?
I am a normal user and do not have a strong background in programming.
I have a 64-bit, dual-core machine (Dell Vostro 3400) and I think I can run multithreaded programs with this machine (yes?)
The program that I think could be converted into…

newbies
0 votes, 0 answers
Malicious file could not be deleted
I have found an unknown file in my wp-admin folder. I have used the Wordfence plugin to scan and here's the error message:
" Unknown file in WordPress core: wp-admin/e9e6c70243f58b4144b87db4e3541ed9 "
What's interesting is I deleted it multiple…

razu
0 votes, 2 answers
How to intentionally trigger a false positive from a virus scan?
I want to test a virus scanner, but I don't want to have actual malware stored on my machine. In the past, I've seen innocuous software marked as a virus by vague "heuristics" from anti-malware programs. I want to write a program that is not in any…

IntBonus