Malware Analyst

Posted: Sun Jan 20, 2019 9:45 am
by Nurohman Mohammed
Hey, I'm new here.
I want to ask about analyzing malware.
1. How do malware analysts use the [ Progress Telerik Fiddler Web Debugger ] to detect the type of malware they are analyzing? Like when analyzing a suspicious URL that is transferred to another page, let's call it an exploit kit. Fiddler immediately detects the name of the malware.
Is there a tutorial to do that?

2. How can I access the sample files from VirusTotal and Hybrid Analysis?
I have tried registering for VirusTotal Intelligence, but they have proposed a number of conditions, such as asking to show the results of my published malware analysis.
What do they mean? I analyze a malware, then explain each step and information, and after that I publish it?

Sorry if the language I use is difficult to understand, because I use a translator. I'm from Indonesia.

Re: Malware Analyst

Posted: Sun Jan 20, 2019 8:02 pm
by hackr8
In order to access VirusTotal samples you need a Private API key, and as far as I know getting one is not easy.

Re: Malware Analyst

Posted: Sun Jan 20, 2019 9:10 pm
by Fedor22
Yep, you must have your own corporate entity and be prepared to show qualifications or credentials.
Once you understand what kind of queries you will be making, they may be willing to discuss access and pricing options.

Re: Malware Analyst

Posted: Mon Jan 21, 2019 1:46 am
by Nurohman Mohammed
Oh, thank you for the answer. I think just doing research alone is enough.
By the way, my question number 1, does anyone here know about that?
Screenshot:
1. ... 1600/0.png

2. ... 1600/0.png

Re: Malware Analyst

Posted: Mon Jan 21, 2019 8:40 am
by Antelox
About question 1, it's because of the EKFiddle plugin:

In short, it tries to do detection based on some well-known formats/indicators.

Re: Malware Analyst

Posted: Thu Jan 24, 2019 6:09 am
by Nurohman Mohammed
Okay, thank you :D

Re: Malware Analyst

Posted: Fri Jan 25, 2019 2:10 pm
by FakeAVHunter
It is not easy to analyze malware.