Monday, 20 July 2009

Overview of how to sort a malware collection and the tools involved in the process

Hi, malware collectors of the world!

It's time to start talking about how to sort your malware collection and to present the tools you will need in the process.

The first tool needed is the antivirus you will use to scan your collection. You will use KAV 4.5, as I already mentioned in a previous post on this blog. With it we will be able to get a list of the malware samples we own. You may use another antivirus, but for malware exchanges KAV is the standard.

The second tool needed is a program that builds databases from KAV logs. This tool is named VirSort 2000, better known as VS2000. It will be explained in more depth in a separate post because it has a long list of functions.

A malware collection is just a bunch of files, so the rest of the tools involved in managing a malware collection are really file-management tools.

In a malware collection we must avoid having duplicate files. A good tool for this task is FWeeder by Bumblebee.

Malware collectors usually name the files in their collections by a hash. Years ago CRC32 was the most popular; later it was MD5. Nowadays some collectors still use MD5 and others use SHA-1 or SHA-256. Giving every file in the collection its correct extension, even though that carries some risk, is also a good idea. For all the renaming tasks, RenFiles is the tool.
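The deduplicate-then-rename workflow of the last two paragraphs, as an added example that is not FWeeder, RenFiles or any other code from this post. It assumes a plain directory tree of samples and uses a small, constructed signature table to pick the extension from the file's own bytes rather than from its arrival name:

```python
import hashlib
import tempfile
from pathlib import Path

# Content signatures used to pick the extension from the bytes, not the arrival name (illustrative, not exhaustive).
MAGIC = [(b"MZ", ".exe"), (b"%PDF", ".pdf"), (b"PK\x03\x04", ".zip"), (b"\x7fELF", ".elf")]

def file_digest(path: Path, algo: str = "sha256") -> str:
    """Hex digest of the file's bytes; any hashlib algorithm name (md5, sha1, sha256) works."""
    return hashlib.new(algo, path.read_bytes()).hexdigest()

def correct_ext(path: Path) -> str:
    head = path.read_bytes()[:8]
    for sig, ext in MAGIC:
        if head.startswith(sig):
            return ext
    return path.suffix.lower()  # unknown type: keep whatever extension it had

def sort_collection(root: Path, algo: str = "sha256"):
    """Delete byte-identical duplicates under root and rename each survivor to <digest><ext>."""
    groups = {}
    for p in sorted(x for x in root.rglob("*") if x.is_file()):
        groups.setdefault(file_digest(p, algo), []).append(p)
    kept, removed = {}, []
    for d, paths in groups.items():
        target = paths[0].with_name(d + correct_ext(paths[0]))
        keeper = target if target in paths else paths[0]  # prefer a copy already named by hash
        for p in paths:
            if p != keeper:
                p.unlink()
                removed.append(p)
        if keeper != target:
            if target.exists():  # a file carrying this hash name but holding other bytes
                raise FileExistsError(f"{target} exists with different content")
            keeper.rename(target)
        kept[d] = target
    return kept, removed

# Constructed sample collection: two copies of a fake PE stub plus a text file.
SAMPLE_PE = b"MZ" + b"\x00" * 64
def make_sample_collection() -> Path:
    root = Path(tempfile.mkdtemp(prefix="vxsort_"))
    (root / "sample1.bin").write_bytes(SAMPLE_PE)
    (root / "sample2.exe").write_bytes(SAMPLE_PE)
    (root / "notes.txt").write_bytes(b"not a sample, just a note")
    return root

if __name__ == "__main__":
    kept, removed = sort_collection(make_sample_collection())
    print(f"{len(kept)} unique file(s), {len(removed)} duplicate(s) removed")
```

Running it a second time over the same directory changes nothing, so it can be re-run after every trade; pass `algo="md5"` or `algo="sha1"` to match a trading partner's naming convention.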

When you trade, you must pick out the files the other trader requested. StripLog is the tool for this task.

The above tools (KAV, VS2000, StripLog, RenFiles and FWeeder) form the basic collection kit of any trader.

Another tool of interest is VxUnpacker, coded by MoRRo, which decrypts quarantined/encrypted files. Yet another is VS2000 GUI, which is a compendium of VS2000, StripLog and RenFiles and can be used for other tasks as well.

I will dedicate one entry of the blog to every tool.
