Malware Analyst

Ask your beginner questions here.
Nurohman Mohammed
Posts: 6
Joined: Sun Jan 20, 2019 7:24 am

Sun Jan 20, 2019 9:45 am

Hey, I'm new here.
I want to ask about analyzing malware.
1. How do malware analysts use the [Progress Telerik Fiddler Web Debugger] to detect the type of malware they are analyzing? Like when analyzing a suspicious URL that is transferred to another page, let's call it an exploit kit. Fiddler immediately detects the name of the malware.
Is there a tutorial to do that?

2. How can I access the sample files from VirusTotal and Hybrid Analysis?
I have tried registering for VirusTotal Intelligence, but they have proposed a number of conditions, such as asking to show the results of my published malware analysis.
What do they mean? I analyze a malware, then explain each step and information, and after that I publish it?

Sorry if the language I use is difficult to understand, because I use a translator. I'm from Indonesia.
hackr8
Posts: 25
Joined: Fri Dec 21, 2018 1:50 pm

Sun Jan 20, 2019 8:02 pm

In order to access VirusTotal samples you need a Private API key, and as far as I know getting one is not easy.
My forum: hackrhouse.freeforums.net
Fedor22
Posts: 57
Joined: Sun Dec 03, 2017 5:50 pm
Location: Russian Federation

Sun Jan 20, 2019 9:10 pm

Yep, you must have your own corporate entity and be prepared to show qualifications or credentials.
Once you understand what kind of queries you will be making, they may be willing to discuss access and pricing options.
Nurohman Mohammed
Posts: 6
Joined: Sun Jan 20, 2019 7:24 am

Mon Jan 21, 2019 1:46 am

Oh, thank you for the answer. I think just doing research alone is enough.
By the way, my answer number 1, does anyone here know about that?
Screenshots:
1. https://3.bp.blogspot.com/-Fb0ffWXTBqw/ ... 1600/0.png

2. https://3.bp.blogspot.com/-YO5T97aCQJo/ ... 1600/0.png
Antelox
Posts: 265
Joined: Sun Mar 21, 2010 10:38 pm

Mon Jan 21, 2019 8:40 am

About question 1, it's because of the EKFiddle plugin:

https://github.com/malwareinfosec/EKFiddle

In short, it tries to do detection based on some well-known formats/indicators.

BR,

Antelox
Nurohman Mohammed
Posts: 6
Joined: Sun Jan 20, 2019 7:24 am

Thu Jan 24, 2019 6:09 am

Okay, thank you :D
FakeAVHunter
Posts: 117
Joined: Thu Feb 01, 2018 6:20 pm
Location: Romania

Fri Jan 25, 2019 2:10 pm

It is not easy to analyze malware.