Archive for the ‘Virtualization’ Category
Analyzing IRCBOTS: Part II
OK, we know from the previous post that the malware is trying to connect to testirc1.sh1xy2bg.NET. To learn more about its intentions, I added a fake DNS entry in the XP hosts file and pointed testirc1.sh1xy2bg.NET to my BackTrack 3 machine. I then rebooted the live analysis machine and started Wireshark again on the BT3 system. As the malware has [...]
What's all the fuss about PIFTS.exe?
March 9 was an interesting and chaotic day for people using Norton Antivirus, as they started getting alerts that a binary named PIFTS.exe was trying to reach the Internet. When analyzed, people found its traces in Norton Antivirus. This was weird: why would Norton alert on its own applications? It looked suspicious and people started asking [...]
BackTrack3 Installer: Simplest way to install BT3 on HDD
BackTrack is the top-rated security distribution available to the security community. Metasploit's core developer and renowned hacker HD Moore says: “BackTrack is the fastest way to go from boot to remote root.” Currently BT is in its third generation. As BackTrack has excellent support for audio/video and most desktop features, many [...]
Analyzing IRCBOTS: Part I
IRC-based malware bots caught enormous attention in 2005-06. Though IRC-based malware is slowly dying out, nailing it down is still a really interesting task. The sole purpose of malware is to serve its master and follow its orders. There are many ways adopted by malware authors to achieve this; however, controlling malware from the Internet [...]
OS X 10.4.6 under VMWare Workstation 6
My fascination with Apple and their products (OS X / iPhone) started only a few days back. So the first thing I wanted to do was install Mac OS X on my laptop. As my laptop already has three operating systems installed, I decided to install OS X under VMware. So this blog is all [...]
Installing Cisco UCM 7.x in VMWare
Being a VoIP security researcher, I need seamless access to a variety of call managers. It's always better to have a small lab setup at home for offline research requirements. When one thinks about setting up a low-budget, realistic lab, virtualization is the first thing that comes to mind. Today I will walk you [...]
Analyzing IRCBots III
Here I am for the third and final installment of our three-part post: Analyzing IRCBots. In the first post I showed you static and behavioural analysis, while in the second post we saw code patching and analysis. We also concluded the behaviour of the malware and categorized it as an IRC bot. Those who [...]
