Skip to content

Latest commit

 

History

History
115 lines (95 loc) · 8.12 KB

Malware.md

File metadata and controls

115 lines (95 loc) · 8.12 KB

Blogs

These are links to different blogs containing malware analysis.

Nr URL Title/Description
1 http://www.inreverse.net/ inREVERSE - malware analysis blog
2 http://blog.threatexpert.com/ A blog about automated threat analysis ... and the bad guys it targets
3 http://www.secureworks.com/research/threats/ Threat analyses
4 http://xylibox.blogspot.com/ "Another Blog, Another Box" - malware analysis blog
5 http://contagiodump.blogspot.com/ Contagio is a collection of the latest malware samples, threats, observations, and analyses.
6 http://www.avertlabs.com/research/blog/index.php/category/malware-research/ McAfee - Archive for the 'Malware Research' Category
7 http://evilcodecave.blogspot.com/ IT Security Research Blog: Reverse Engineering - Malware Analysis - Cryptography - Software Engineering - Software Security / Audit
8 http://extraexploit.blogspot.com/ "EVERYTHING OR NOTHING" - malware analysis blog
9 http://ddanchev.blogspot.com/ Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
10 http://blog.armorize.com/ "Armorize Blog" - malware analysis blog
11 http://securityblog.s21sec.com/ S21sec Security Blog
12 http://blog.malwaretracker.com/ malware tracker
13 http://www.abuse.ch/ The Swiss Security Blog
14 http://blogs.paretologic.com/malwarediaries/ Malware Diaries
15 http://perpetualhorizon.blogspot.com/ Perpetual Horizon
16 http://mnin.blogspot.com/ Coding, Reversing, Exploiting
17 http://blog.eset.com/ ESET Threat Blog
18 http://code.google.com/p/malware-lu/ Malwares technical analysis from http://www.malware.lu
19 http://stratsec.blogspot.de/ BAE Systems security research blog
20 http://fumalwareanalysis.blogspot.com.au/p/malware-analysis-tutorials-reverse.html Malware Analysis Tutorials: a Reverse Engineering Approach

Malware analysis

Nr URL Title/Description Date
1 http://mtc.sri.com/Conficker/ An analysis of conficker's logic and rendezvous points 19-03-2009
2 http://www.eset.com/resources/white-papers/Stuxnet_Under_the_Microscope.pdf Stuxnet Under the Microscope 22-12-2010
3 http://www.aall86.altervista.org/TDLRootkit/TDL4_Analysis_Paper.pdf TDL4 Analysis paper: a brief introduction and How to Debug It 08-01-2011
4 http://www.securelist.com/en/analysis/204792157/TDSS_TDL_4 TDSS. TDL-4 25-01-2011
5 http://blog.fireeye.com/research/2011/03/an-overview-of-rustock.html An overview of Rustock 19-03-2011
6 http://www.eset.com/us/resources/white-papers/The_Evolution_of_TDL.pdf The Evolution of TDL: Conquering x64 30-03-2011
7 http://www.prevxresearch.com/zeroaccess_analysis.pdf ZeroAccess – an advanced kernel mode rootkit 09-07-2011(?)
8 http://sophosnews.files.wordpress.com/2012/03/blackhole_paper_mar2012.pdf Exploring the Blackhole Exploit Kit xx-03-2012
9 http://www.crysys.hu/skywiper/skywiper.pdf sKyWIper: A complex malware for targeted attacks 28-05-2012
10 http://reverse.put.as/2012/08/06/tales-from-crisis-chapter-1-the-droppers-box-of-tricks/ Tales from Crisis, Chapter 1: The dropper’s box of tricks 06-08-2012
11 https://community.rapid7.com/community/infosec/blog/2012/08/08/finfisher Analysis of the FinFisher Lawful Interception Malware 08-08-2012
12 http://reverse.put.as/2012/08/20/tales-from-crisis-chapter-2-backdoors-first-steps/ Tales from Crisis, Chapter 2: Backdoor’s first steps 20-08-2012
13 http://reverse.put.as/2012/08/21/tales-from-crisis-chapter-3-the-italian-rootkit-job/ Tales from Crisis, Chapter 3: The Italian Rootkit Job 21-08-2012
14 https://www.securelist.com/en/blog/750/Full_Analysis_of_Flame_s_Command_Control_servers Full Analysis of Flame's Command & Control servers 17-09-2012
15 www.ikarus.at/fileadmin/user\_upload/Download/Report\_MarionMarschalek.pdf Alanysis Report (Backdoor.Win32.Banito) 24-03-2013
16 http://oweng.myweb.port.ac.uk/fbi-tor-malware-analysis/ Analysis of the FBI Tor Malware xx-04-2013
17 http://www.welivesecurity.com/2013/08/27/the-powerloader-64-bit-update-based-on-leaked-exploits/ The Powerloader 64-bit update based on leaked exploits 27-08-2013
18 https://www.securelist.com/en/downloads/vlpdfs/unveilingthemask_v1.0.pdf Unveiling “Careto” - The Masked APT xx-02-2014
19 https://securelist.com/files/2015/02/Equation_group_questions_and_answers.pdf EQUATION GROUP: QUESTIONS AND ANSWERS xx-02-2015

Malware trackers

Nr URL Title/Description
1 http://www.malwaredomainlist.com/mdl.php Malware Domain List
2 https://zeustracker.abuse.ch/ ZeuS Tracker
3 https://spyeyetracker.abuse.ch/ SpyEye Tracker
4 http://www.malwareurl.com/listing-urls.php?urls=on MalwareURL - Website status verification
5 http://hosts-file.net/?s=Browse hpHosts Online - Simple, Searchable & FREE!
6 http://virustracker.info/ Virus Tracker

Online malware analysis

Nr URL Title/Description
1 http://wepawet.iseclab.org/ Wepawet (JavaScript and Flash)
2 http://www.urlvoid.com/ Check Reputation of Domains and Subdomains
3 http://anubis.iseclab.org/ Anubis is a service for analyzing malware
4 http://eureka.cyber-ta.org/ An Automated Malware Binary Analysis Service
5 http://camas.comodo.com/ Comodo Instant Malware Analysis
6 http://ether.gtisc.gatech.edu/web_unpack/ Ether: Malware Analysis via Hardware Virtualization Extensions
7 http://www.ipvoid.com/ Scan URL for malicious activities
8 http://www.norman.com/security_center/security_tools/ Submit a Suspicious File for a FREE Malware Analysis
9 http://www.threatexpert.com/submit.aspx Submit Your Sample To ThreatExpert
10 http://www.malwaretracker.com/pdf.php Examine PDF online
11 http://mwanalysis.org/?site=1&page=submit Malware Analysis System
12 https://new.virustotal.com/ VirusTotal is a free service that analyzes suspicious files and URLs

Tools & Projects

Nr URL Title/Description
1 http://malzilla.sourceforge.net/index.html Malware hunting tool
2 http://code.mwcollect.org/ Malware and attack trace collection daemon
3 http://code.google.com/p/phoneyc/ Pure python honeyclient implementation
4 http://www.mlsec.org/malheur/ Automatic Analysis of Malware Behavior
5 http://www.team-cymru.org/Services/MHR/WinMHR/ WinMHR - Free Malware Detector - Team Cymru
6 https://addons.mozilla.org/en-US/firefox/addon/team-cymrus-mhr/ Quickly check downloaded files against Team Cymru's malware database with just one click!
7 http://www.stoned-vienna.com/ Stoned Bootkit - The official site of Stoned Bootkit
8 http://sarvam.ece.ucsb.edu/submit.html SARVAM: Search And RetrieVAl of Malware
9 http://code.google.com/p/malwasm/ Malwasm was designed to help people that do reverse engineering
10 http://www.cuckoosandbox.org/ Cuckoo Sandbox is a malware analysis system
11 http://rehints.com/ Sharing reverse engineering knowledge

Online self-check

Nr URL Title/Description
1 http://www.dcwg.org/ The DNS Changer Working Group (DCWG)

Uncategorized

Nr URL Title/Description
1 http://zeltser.com/reverse-malware/reverse-malware-cheat-sheet.html Reverse-Engineering Malware Cheat Sheet
2 http://www.malwaredomainlist.com/forums/index.php?board=2.0 Huge list of blogs
3 http://www.prevx.com/malwarecenter.asp Very latest hot file names used by malware
4 http://blogs.technet.com/b/markrussinovich/archive/2011/02/27/3390475.aspx The Case of the Malicious Autostart