
Hacking the Malware– A reverse-engineer’s analysis

A nice, thorough analysis of a Yahoo! instant messaging worm by Rahul Mohandas, showing how he decoded the exploit and reverse engineered it, and what its effects are. A very good example, and something you can learn from.

This paper attempts to document an approach on how the hackers make use of the vulnerabilities to install malicious software on the vulnerable machine. A comprehensive reverse code engineered analysis of the malicious software (Win32.Qucan.a) and the various protection schemes against the worm by various security products are also discussed.

I also describe an approach to setting up a flexible laboratory environment using virtual workstation software such as VMware, and demonstrate the process of reverse engineering a worm using a range of system monitoring tools in conjunction with a disassembler.

I hope this document will help the Malware researchers, Intrusion Analysts and other Security professionals to conduct a more viable and comprehensive research.

Source: Hacking the Malware– A reverse-engineer’s analysis, by Rahul Mohandas. Pointed out by B on IRC. Thanks!

November 8, 2006 in IM worms, malware, papers, tools

Comments

I don’t think that Malware is Hacking or that Tracking of the Malware is that easy, but still it is possible to be achieved if proper steps and measures are taken. Before trying to Hack Malware, you must have thorough knowledge about Malware. And for that you can read this article and also http://www.anti-spam-info.com .

Posted by: Blake | Oct 1, 2007 7:04:05 AM

Clear your computer of all the same bugs.
When you are searching for antispyware there is one that you can always depend on; it’s called Search-and-destroy Antispyware. The antispyware solution from Search-and-destroy can provide you with a scan that can find and clear your computer of all the same bugs that the more expensive scans can, at a much lower price. You can’t beat that: keep your computer running great for less. Visit their site at http://www.Search-and-destroy.com to download this scan and get all the benefits it has to offer. If you’re like me, it will be the best decision you made in a long time.

Posted by: Rubena | Apr 25, 2009 5:28:38 AM

If only there were more people like you - I've had something similar (or so my brother says) to this.

I have NO idea how to get rid of it except for my friend Google's help... oh and blogs :)

Posted by: Virus Removal | Jun 10, 2010 8:40:10 AM

I don't know much about computer bugs and cellphone bugs or worms, whatever you call them, but I don't want them in my cp or pc. They just give me headaches. Good thing there is always a ready cure for it.

Posted by: Jane | Feb 1, 2011 3:43:20 AM

Has anybody come up with the idea of quantum malware (malware that can take on quantum cryptography)?

Posted by: John Paul Donoghue | Jun 24, 2011 9:52:50 PM

The comments to this entry are closed.