
Malware, or infected memory dump downloads?

6 Posts
6 Users
0 Reactions
2,001 Views
erowe
(@erowe)
Estimable Member
Joined: 18 years ago
Posts: 144
Topic starter  

Can anyone suggest a web site from which I could download malware files to infect a test machine with?

I want to create some memory dumps with malware in them to do some practice analysis work.

Another option would be to download some memory dump samples from infected machines if anyone could point me to something like that…

I guess my third option would be to spend the rest of the day surfing Russian porn sites and clicking on everything in sight, but I might have some explaining to do if IT security looks at my web traffic ;)

Thanks for any help.


   
(@douglasbrush)
Prominent Member
Joined: 16 years ago
Posts: 812
 

Could honeypot a box or VM build. Put it online outside of a NAT or firewall with no protection with an unpatched Windows XP SP1 build and start browsing. If you really want to speed it up, install uTorrent on it and keep it open.


   
(@thall)
Trusted Member
Joined: 16 years ago
Posts: 53
 

Look at Nuclear RAT; it is what we used in our course to create a trojan. It will do what you want it to, and you can contain it and be sure of what is going on without it going haywire on you.


   
(@rossetoecioccolato)
Eminent Member
Joined: 18 years ago
Posts: 34
 

Take a look at http://www.offensivecomputing.net/. Surfing Indonesian p0rn sites will work though. You will have to place the computer in the proper subnet to get anything really interesting, though. If you have an ebay account, or do online banking and only rarely monitor your statement, that might work.


   
(@neofito)
Active Member
Joined: 17 years ago
Posts: 18
 

Another option would be to download some memory dump samples from infected machines if anyone could point me to something like that…

The hogfly's SkyDrive is a good starting point:

http://cid-5694a755c9c6a175.skydrive.live.com/browse.aspx/Public


   
(@stimpy99)
New Member
Joined: 16 years ago
Posts: 3
 

Go to http://www.malwaredomainlist.com/update.php and pick any of these sites to visit with your unprotected/unpatched VM. You should have a nice "PoxBox" with loads of samples in a matter of seconds.


   