Network Forensics Blog » Malware Analysis

Network Forensics Blog » Malware Analysis http://www.networkforensics.com Tue, 21 Jun 2011 22:54:21 +0000 en hourly 1 http://wordpress.org/?v=3.1

Using WinDbg to Begin Reverse Engineering Unknown Malware from Memory http://www.networkforensics.com/2011/06/13/using-windbg-to-begin-reverse-engineering-unknown-malware-from-memory/ http://www.networkforensics.com/2011/06/13/using-windbg-to-begin-reverse-engineering-unknown-malware-from-memory/#comments Mon, 13 Jun 2011 03:03:46 +0000 Gary Golomb http://www.networkforensics.com/?p=788 http://www.networkforensics.com/2011/06/13/using-windbg-to-begin-reverse-engineering-unknown-malware-from-memory/feed/ 4 Mutex Analysis: The Canary in the Coal Mine (and Discovering New Families of Malware?) http://www.networkforensics.com/2011/06/11/mutex-analysis-the-canary-in-the-coal-mine-and-discovering-new-families-of-malware/ http://www.networkforensics.com/2011/06/11/mutex-analysis-the-canary-in-the-coal-mine-and-discovering-new-families-of-malware/#comments Sat, 11 Jun 2011 10:34:40 +0000 Gary Golomb http://www.networkforensics.com/?p=755 http://www.networkforensics.com/2011/06/11/mutex-analysis-the-canary-in-the-coal-mine-and-discovering-new-families-of-malware/feed/ 2 Network Forensics and Reverse Engineering Part 2 – A deeper dive into real JavaScript analysis and reverse engineering http://www.networkforensics.com/2011/01/12/network-forensics-and-reverse-engineering-part-2-%e2%80%93-a-deeper-dive-into-real-javascript-analysis-and-reverse-engineering/ http://www.networkforensics.com/2011/01/12/network-forensics-and-reverse-engineering-part-2-%e2%80%93-a-deeper-dive-into-real-javascript-analysis-and-reverse-engineering/#comments Wed, 12 Jan 2011 03:36:14 +0000 Gary Golomb http://www.networkforensics.com/?p=699 http://www.networkforensics.com/2011/01/12/network-forensics-and-reverse-engineering-part-2-%e2%80%93-a-deeper-dive-into-real-javascript-analysis-and-reverse-engineering/feed/ 1 VM Detection by In-The-Wild Malware http://www.networkforensics.com/2010/12/13/vm-detection-by-in-the-wild-malware/ http://www.networkforensics.com/2010/12/13/vm-detection-by-in-the-wild-malware/#comments Mon, 13 Dec 2010 09:03:15 +0000 Gary Golomb http://www.networkforensics.com/?p=592 http://www.networkforensics.com/2010/12/13/vm-detection-by-in-the-wild-malware/feed/ 1 Identifying the country of origin for a malware PE executable http://www.networkforensics.com/2010/11/25/identifying-the-country-of-origin-for-a-malware-pe-executable/ http://www.networkforensics.com/2010/11/25/identifying-the-country-of-origin-for-a-malware-pe-executable/#comments Thu, 25 Nov 2010 06:36:04 +0000 Gary Golomb http://www.networkforensics.com/?p=563 http://www.networkforensics.com/2010/11/25/identifying-the-country-of-origin-for-a-malware-pe-executable/feed/ 0 Network Forensics and Reversing Part 1 – gzip web content, java malware, and a little JavaScript http://www.networkforensics.com/2010/11/14/network-forensics-and-reversing-part-1-gzip-web-content-java-malware-and-a-little-javascript/ http://www.networkforensics.com/2010/11/14/network-forensics-and-reversing-part-1-gzip-web-content-java-malware-and-a-little-javascript/#comments Sun, 14 Nov 2010 16:52:32 +0000 Gary Golomb http://www.networkforensics.com/?p=526 http://www.networkforensics.com/2010/11/14/network-forensics-and-reversing-part-1-gzip-web-content-java-malware-and-a-little-javascript/feed/ 0 Bredolab Takedown – Just the tip of the Iceberg http://www.networkforensics.com/2010/11/04/bredolab-takedown-%e2%80%93-just-the-tip-of-the-iceberg/ http://www.networkforensics.com/2010/11/04/bredolab-takedown-%e2%80%93-just-the-tip-of-the-iceberg/#comments Thu, 04 Nov 2010 12:06:59 +0000 alex http://www.networkforensics.com/?p=487 http://www.networkforensics.com/2010/11/04/bredolab-takedown-%e2%80%93-just-the-tip-of-the-iceberg/feed/ 1 Sometimes the answer really is that simple… http://www.networkforensics.com/2010/10/26/sometimes-the-answer-really-is-that-simple/ http://www.networkforensics.com/2010/10/26/sometimes-the-answer-really-is-that-simple/#comments Tue, 26 Oct 2010 18:38:39 +0000 tim http://www.networkforensics.com/?p=442 http://www.networkforensics.com/2010/10/26/sometimes-the-answer-really-is-that-simple/feed/ 0 It’s Malware! http://www.networkforensics.com/2010/10/18/its-malware/ http://www.networkforensics.com/2010/10/18/its-malware/#comments Mon, 18 Oct 2010 12:33:46 +0000 Gary Golomb http://www.networkforensics.com/?p=461 http://www.networkforensics.com/2010/10/18/its-malware/feed/ 0 Tracking the “Here You Have” Worm http://www.networkforensics.com/2010/09/10/tracking-the-here-you-have-worm/ http://www.networkforensics.com/2010/09/10/tracking-the-here-you-have-worm/#comments Fri, 10 Sep 2010 15:59:59 +0000 alex http://www.networkforensics.com/?p=420 http://www.networkforensics.com/2010/09/10/tracking-the-here-you-have-worm/feed/ 0