Network Forensics Blog

Network Forensics Blog » trojan http://www.networkforensics.com Tue, 21 Jun 2011 22:54:21 +0000 en hourly 1 http://wordpress.org/?v=3.1

Using WinDbg to Begin Reverse Engineering Unknown Malware from Memory http://www.networkforensics.com/2011/06/13/using-windbg-to-begin-reverse-engineering-unknown-malware-from-memory/ http://www.networkforensics.com/2011/06/13/using-windbg-to-begin-reverse-engineering-unknown-malware-from-memory/#comments Mon, 13 Jun 2011 03:03:46 +0000 Gary Golomb http://www.networkforensics.com/?p=788 http://www.networkforensics.com/2011/06/13/using-windbg-to-begin-reverse-engineering-unknown-malware-from-memory/feed/ 4 Mutex Analysis: The Canary in the Coal Mine (and Discovering New Families of Malware?) http://www.networkforensics.com/2011/06/11/mutex-analysis-the-canary-in-the-coal-mine-and-discovering-new-families-of-malware/ http://www.networkforensics.com/2011/06/11/mutex-analysis-the-canary-in-the-coal-mine-and-discovering-new-families-of-malware/#comments Sat, 11 Jun 2011 10:34:40 +0000 Gary Golomb http://www.networkforensics.com/?p=755 http://www.networkforensics.com/2011/06/11/mutex-analysis-the-canary-in-the-coal-mine-and-discovering-new-families-of-malware/feed/ 2 Identifying the country of origin for a malware PE executable http://www.networkforensics.com/2010/11/25/identifying-the-country-of-origin-for-a-malware-pe-executable/ http://www.networkforensics.com/2010/11/25/identifying-the-country-of-origin-for-a-malware-pe-executable/#comments Thu, 25 Nov 2010 06:36:04 +0000 Gary Golomb http://www.networkforensics.com/?p=563 http://www.networkforensics.com/2010/11/25/identifying-the-country-of-origin-for-a-malware-pe-executable/feed/ 0 Network Forensics and Reversing Part 1 – gzip web content, java malware, and a little JavaScript http://www.networkforensics.com/2010/11/14/network-forensics-and-reversing-part-1-gzip-web-content-java-malware-and-a-little-javascript/ http://www.networkforensics.com/2010/11/14/network-forensics-and-reversing-part-1-gzip-web-content-java-malware-and-a-little-javascript/#comments Sun, 14 Nov 2010 16:52:32 +0000 Gary Golomb http://www.networkforensics.com/?p=526 http://www.networkforensics.com/2010/11/14/network-forensics-and-reversing-part-1-gzip-web-content-java-malware-and-a-little-javascript/feed/ 0 Bredolab Takedown – Just the tip of the Iceberg http://www.networkforensics.com/2010/11/04/bredolab-takedown-%e2%80%93-just-the-tip-of-the-iceberg/ http://www.networkforensics.com/2010/11/04/bredolab-takedown-%e2%80%93-just-the-tip-of-the-iceberg/#comments Thu, 04 Nov 2010 12:06:59 +0000 alex http://www.networkforensics.com/?p=487 http://www.networkforensics.com/2010/11/04/bredolab-takedown-%e2%80%93-just-the-tip-of-the-iceberg/feed/ 1 It’s Malware! http://www.networkforensics.com/2010/10/18/its-malware/ http://www.networkforensics.com/2010/10/18/its-malware/#comments Mon, 18 Oct 2010 12:33:46 +0000 Gary Golomb http://www.networkforensics.com/?p=461 http://www.networkforensics.com/2010/10/18/its-malware/feed/ 0 They are watching you…and your security vendors. http://www.networkforensics.com/2010/05/30/they-are-watching-you-and-your-security-vendors/ http://www.networkforensics.com/2010/05/30/they-are-watching-you-and-your-security-vendors/#comments Sun, 30 May 2010 13:32:43 +0000 alex http://www.networkforensics.com/?p=309 http://www.networkforensics.com/2010/05/30/they-are-watching-you-and-your-security-vendors/feed/ 4 Kneber Update http://www.networkforensics.com/2010/02/19/kneber-update/ http://www.networkforensics.com/2010/02/19/kneber-update/#comments Fri, 19 Feb 2010 18:05:25 +0000 tim http://www.networkforensics.com/?p=207 http://www.networkforensics.com/2010/02/19/kneber-update/feed/ 9