[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <BANLkTimD-mDXyxQ7wiNhczF4jO+431MbrA@mail.gmail.com>
Date: Sat, 14 May 2011 23:24:45 +0100
From: Chris M <chris@...lroute.net>
To: secn3t@...il.com
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: MalBox Release! A Program Behavior Analysis
System!
Yeah, and lets have some more info on the technology behind it :)
Open sauce?
Have you looked at any "enterprise" malware analysis platforms?
-C
On Sat, May 14, 2011 at 11:22 PM, -= Glowing Doom =- <secn3t@...il.com>wrote:
> Hello ppl,
> same , I had uploaded a KNOWN infected exe, and it loaded page, but then
> returned nothing , Using firefox 4 browser, yes some script addons wich
> prevent crapware,but other than that, it should have been swift to respond
> with a positive, it did nothing but load in the browser, was a letdown,hope
> you can get it to work cross browser, because would be a very handy app for
> sure
> xd
>
>
>
> On 15 May 2011 07:55, Chris M <chris@...lroute.net> wrote:
>
>> Not convinced.
>>
>> Tried to upload a few samples, "only support EXE files" ---- no DLLs? yet
>> you take URLs? only to exes?
>>
>> The file I upped was a PE file. Just with a renamed extension.
>>
>> Also submitted a couple of "known bad" files and got a list of tcp ports
>> back.... how is this operating? _SHARED_ sandbox?
>>
>> Whats it based on?
>>
>> More information would be appreciated :)
>>
>> -C
>>
>> 2011/5/13 CnCxzSec衰仔 <cncxzhack@...il.com>
>>
>>> .__ ___. _____ _____ | | \_ |__ ____ ___ ___ / \ \__
>>> \ | | | __ \ / _ \\ \/ / | Y Y \ / __ \_| |__| \_\ \( <_> )> < |__|_| /(____
>>> /|____/|___ / \____//__/\_ \ \/ \/ \/ \/ MalBox Release!!A Program Behavior
>>> Analysis System! MalBox:A Program/Malware Behavior Analysis System, which is
>>> able to analyze the local and network behaviors of a submitted malware,
>>> including file/process/registry/network(irc,http,ect.) behaviors, and will
>>> send the report to the submitter .
>>>
>>> Welcome to use our MalBox: http://malbox.xjtu.edu.cn/
>>>
>>> --------------------------------------
>>> Malbox is always improving! If you want to contact us, send e-mail to
>>> dflower.zs@...il.com
>>> --------------------------------------
>>>
>>> _______________________________________________
>>> Full-Disclosure - We believe in it.
>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>
>>
>>
>>
>> --
>> I’m a hot-wired, heat seeking, warm-hearted cool customer, voice
>> activated and bio-degradable. I interface with my database, my database is
>> in cyberspace, so I’m interactive, I’m hyperactive and from time to time I’m
>> radioactive.
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>
>
--
I’m a hot-wired, heat seeking, warm-hearted cool customer, voice activated
and bio-degradable. I interface with my database, my database is in
cyberspace, so I’m interactive, I’m hyperactive and from time to time I’m
radioactive.
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists