Question
Asked 18th Dec, 2013
What is the best open source detection tool for malware that has anti-virtualization?
Malware now has the "split personality" capability of detecting virtualization when it is being analyzed.
Popular answers (1)
You can go with the following malware detection tools.
1. Spybot Search & Destroy
2. SUPERAntiSpyware
3. HijackThis
4. Pyew
5. Interactive Disassembler (IDA)
3 Recommendations
All Answers (2)
Swiss German University
Try pyew (https://code.google.com/p/pyew/)
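The tools listed above are general-purpose anti-spyware products and disassemblers; none of them is specifically a detector for VM-aware ("split personality") samples. The following is an added example, not code from the original answers or from pyew, IDA or any other tool named here: a small static triage script that scans a binary for the artifacts such samples usually carry, namely hypervisor name strings and registry paths, and the x86 instruction sequences behind well-known VM-detection tricks (the VMware backdoor I/O port, CPUID, Red Pill's SIDT and its SGDT/SLDT/STR relatives, RDTSC timing). The string list, opcode patterns, weights and threshold are my own assumptions, as is the embedded sample, which is constructed inline so the script runs offline. A hit only means the sample is worth detonating on bare metal or in a hardened sandbox; packed or encrypted samples will hide these indicators until unpacked, so this is a first pass, not a verdict.

```python
"""Static triage for anti-virtualization artifacts in a binary.

Added example; not code from the original page or from any tool it names.
Pattern lists, weights and threshold are assumptions chosen for illustration.
"""
import re
import sys
from collections import namedtuple

Finding = namedtuple("Finding", "kind name offset")

# Hypervisor names, guest-tooling binaries and registry keys commonly probed
# (assumed list; case-sensitive on purpose to keep hits exact).
VM_STRINGS = [
    b"VMware", b"VBOX", b"VirtualBox", b"QEMU", b"Xen", b"Hyper-V",
    b"vboxguest", b"vmtoolsd", b"vmmouse", b"VBoxService",
    b"SYSTEM\\CurrentControlSet\\Services\\VBoxGuest",
    b"SOFTWARE\\VMware, Inc.\\VMware Tools",
    b"HARDWARE\\DESCRIPTION\\System\\SystemBiosVersion",
]

# x86 byte patterns for classic VM-detection instructions. ModRM byte ranges
# encode the /digit of each instruction for the three memory-operand forms.
VM_OPCODES = {
    # MOV EAX,'VMXh' ... IN EAX,DX within 16 bytes: VMware backdoor port probe
    "vmware_backdoor": re.compile(rb"\xB8\x68\x58\x4D\x56.{0,16}?\xED", re.DOTALL),
    # CPUID: leaf 1 exposes the hypervisor-present bit (two bytes, noisy)
    "cpuid": re.compile(rb"\x0F\xA2"),
    # SIDT mem (0F 01 /1): Red Pill
    "sidt": re.compile(rb"\x0F\x01[\x08-\x0F\x48-\x4F\x88-\x8F]"),
    # SGDT mem (0F 01 /0)
    "sgdt": re.compile(rb"\x0F\x01[\x00-\x07\x40-\x47\x80-\x87]"),
    # SLDT r/m (0F 00 /0)
    "sldt": re.compile(rb"\x0F\x00[\x00-\x07\x40-\x47\x80-\x87\xC0-\xC7]"),
    # STR r/m (0F 00 /1)
    "str": re.compile(rb"\x0F\x00[\x08-\x0F\x48-\x4F\x88-\x8F\xC8-\xCF]"),
    # RDTSC: timing-based detection of trapped instructions
    "rdtsc": re.compile(rb"\x0F\x31"),
}

# Assumed weights: a full backdoor probe is strong evidence, CPUID/RDTSC alone
# are common in benign code. Strings default to weight 1.
WEIGHTS = {"vmware_backdoor": 3, "sidt": 2, "sgdt": 2, "sldt": 2, "str": 2,
           "cpuid": 1, "rdtsc": 1}


def scan(data):
    """Return every anti-VM indicator found in data, sorted by offset."""
    findings = []
    for s in VM_STRINGS:
        for m in re.finditer(re.escape(s), data):
            findings.append(Finding("string", s.decode(), m.start()))
    for name, pat in VM_OPCODES.items():
        for m in pat.finditer(data):
            findings.append(Finding("opcode", name, m.start()))
    return sorted(findings, key=lambda f: (f.offset, f.kind, f.name))


def score(findings):
    """Weighted evidence score for a list of findings."""
    return sum(WEIGHTS.get(f.name, 1) for f in findings)


def is_vm_aware(data, threshold=3):
    """True when the weighted score reaches the (assumed) threshold."""
    return score(scan(data)) >= threshold


# Constructed sample (not a real malware file): a fake DOS stub, a routine
# that issues the VMware backdoor 'get version' call and a SIDT, then strings.
SAMPLE = (
    b"MZ" + b"\x00" * 30                     # fake header, offset 0..31
    + b"\x55\x8B\xEC"                         # push ebp ; mov ebp,esp
    + b"\xB8\x68\x58\x4D\x56"                 # mov eax,'VMXh'   (offset 35)
    + b"\xBB\x00\x00\x00\x00"                 # mov ebx,0
    + b"\xB9\x0A\x00\x00\x00"                 # mov ecx,10 (GET_VERSION)
    + b"\x66\xBA\x58\x56"                     # mov dx,'VX'
    + b"\xED"                                 # in eax,dx
    + b"\x0F\x01\x4D\xF8"                     # sidt [ebp-8]     (offset 55)
    + b"\xC3"                                 # ret
    + b"\x00" * 8
    + b"VMware Virtual Platform\x00"          # offset 68
    + b"SYSTEM\\CurrentControlSet\\Services\\VBoxGuest\x00"  # offset 92
)


if __name__ == "__main__":
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE
    hits = scan(data)
    for f in hits:
        print(f"{f.offset:#08x}  {f.kind:6}  {f.name}")
    print(f"score={score(hits)}  vm_aware={is_vm_aware(data)}")
```

Run it with a file path to scan a real sample, or with no arguments to scan the constructed one. The ModRM ranges are written out explicitly so each pattern matches only the memory (or register, where legal) forms of the intended instruction rather than any byte after the opcode, which keeps SIDT and SGDT from being confused with each other; CPUID and RDTSC are deliberately low-weight because two-byte patterns fire often in ordinary code and data.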
Similar questions and discussions
Does anybody have an Android ".csv" Malware Data-set?
- Mikael Ebrahimi Salari
Hi, my M.Sc. thesis is "Detecting Android Malware using TF-IDF and N-Gram Methods Leveraging Text Semantics of Network Flows". In my M.Sc. thesis I have worked on malware detection to find a new solution for the malware evasion problem in Android environments.
I want to implement my idea with "Rapid Miner", thus I need a ".csv" data-set of malware and benign app network flows. I've downloaded many data-sets but none of them satisfied my needs.
The most appropriate data-set among all of them for me is Android Malware data-set (InvesAndMal2019).
It's a great ".csv" labeled data-set but unfortunately all of the data-set rows are labeled as BENIGN.
I really need a ".csv" labeled android malware data-set composed of MALWARE and BENIGN network flows.
Can anybody help me with this?!
Regards
Mikael
Where can I find an accurate re-implementation of the Drebin malware detection system?
- Hamid Bostani
Hello all,
I am reproducing the Drebin malware detection system presented in a paper entitled "DREBIN: Effective and Explainable Detection of Android Malware in Your Pocket". There are many re-implementations of this system on GitHub; however, the majority of them ignore the feature extraction step that aims to extract the features introduced in the paper from the APK samples (Android apps). As far as I know, one of the proper re-implementations is "https://github.com/Kenun99/Drebin"; but the results of the extracted features are not the same as what is presented in the Drebin public repository (https://www.sec.cs.tu-bs.de/~danarp/drebin/download.html).
Anyway, I would be grateful if anyone could let me know how I can find an accurate re-implementation of this malware detection system.
Is there someone who is able to do reverse engineering of the apk called Process manager (in the description you can find all the info)?
- Luca Grieco
Is there someone who can help me understand how to build the server of this apk https://lab52.io/blog/complete-dissection-of-an-apk-with-a-suspicious-c2-server/ ? Or at least, is there someone who can give me the server? I tried to disassemble the apk but it is obfuscated and I don't know how I can proceed.
Related Publications
Avatar is a new architecture devised to perform on-the-fly malware analysis and containment on ordinary hosts; that is, on hosts with no special setup. The idea behind Avatar is to inject the suspected malware with a specially crafted piece of software at the moment that it tries to download an executable. The special software can cooperate with a r...
Malware is a worldwide epidemic. Studies suggest that the impact of malware is getting worse. Two types of malware analysis are described here.