Pieter Arntz – Page 2 – Computer Security Articles

Analyzing malware by API calls

October 31, 2017 admin api, flooder, obfuscated malware, packers, Pieter Arntz, Technology, Threat analysis, Trojan, vflooder

Credit to Author: Pieter Arntz| Date: Tue, 31 Oct 2017 18:59:11 +0000

As an alternative to reverse engineering malware that is protectively packed, we look at the option of analyzing malware by API calls to determine what a file might be up to.

Categories:

Tags: api flooder obfuscated malware packers Pieter Arntz trojan vflooder

(Read more…)

The post Analyzing malware by API calls appeared first on Malwarebytes Labs.

MalwareBytes Security

Using ILSpy to analyze a small adware file

October 5, 2017 admin .NET, Adware, assembly, decompile, dotdo, grandfather.exe, ilspy, malware, Pieter Arntz, Threat analysis

Credit to Author: Pieter Arntz| Date: Thu, 05 Oct 2017 16:19:25 +0000

ILSpy is an open-source .NET assembly browser and decompiler. We demonstrate its use looking at a simple adware file.

Categories:

Tags: .NET adware assembly decompile dotdo grandfather.exe ilspy Pieter Arntz

(Read more…)

The post Using ILSpy to analyze a small adware file appeared first on Malwarebytes Labs.

MalwareBytes Security

Explained: YARA rules

September 15, 2017 admin Explained, malware, Pieter Arntz, rules, Security world, Technology, the more you know, Threat analysis, yara

Credit to Author: Pieter Arntz| Date: Fri, 15 Sep 2017 15:00:08 +0000

YARA is a tool that can be used to identify files that meet certain conditions. It is mainly in use by security researchers to classify malware.

Categories:

Tags: Explained malware Pieter Arntz rules the more you know yara

(Read more…)

The post Explained: YARA rules appeared first on Malwarebytes Labs.

MalwareBytes Security

Explained: False positives

September 7, 2017 admin Explained, f/p, false positives, Pieter Arntz, Security world, Technology, the more you know

Credit to Author: Pieter Arntz| Date: Thu, 07 Sep 2017 15:00:21 +0000

False positives are alarms for non-specific files or behavior that is flagged as malicious, while in fact there were no bad intentions present.

Categories:

Tags: Explained f/p false positives Pieter Arntz the more you know

(Read more…)

The post Explained: False positives appeared first on Malwarebytes Labs.

MalwareBytes Security

Facebook worries: I didn’t post that

September 6, 2017 admin 101, apps, Facebook, Facebook Messenger, FYI, permissions, Pieter Arntz, the more you know

Credit to Author: Pieter Arntz| Date: Wed, 06 Sep 2017 15:00:12 +0000

What could have happened when you find Facebook posts or messages that you didn’t post or send? And what are the actions you can take to prevent further abuse?

Categories:

Tags: apps facebook Facebook Messenger permissions Pieter Arntz the more you know

(Read more…)

The post Facebook worries: I didn’t post that appeared first on Malwarebytes Labs.

MalwareBytes Security

Malware vaccination tricks: blue pills or red pills

August 30, 2017 admin canary file, cybercrime, keyboard, language, malware, Malwarebytes, Pieter Arntz, ransomware, registry key, vaccination, vaccine, virtual machine

Credit to Author: Pieter Arntz| Date: Wed, 30 Aug 2017 18:00:10 +0000

Malware vaccination tricks are offered for various sorts and families of malware, but can and should we use them? What are the pros and cons? Read all about it.

Categories:

Tags: canary file keyboard language malware Malwarebytes Pieter Arntz ransomware registry key vaccination vaccine virtual machine

MalwareBytes Security

Explained: digital forensics

August 25, 2017 admin digital, forensics, Pieter Arntz, Security world, Technology, the more you know

Credit to Author: Pieter Arntz| Date: Fri, 25 Aug 2017 15:30:46 +0000

Digital forensics is different from cyber-security as it deals with the problem when it’s too late for precautions. It’s the science of figuring out what happened just before and after a breach.

Categories:

Tags: digital forensics Pieter Arntz the more you know

(Read more…)

The post Explained: digital forensics appeared first on Malwarebytes Labs.