Posts Tagged ‘malware’

1. Don't assume anything. Make some time to learn about securing your system.

2. Acquire and use a reliable antivirus program. Select an antivirus that has a consistent track record. Checkmark, AV-Test.org and TuV are among the most respected independent testers of antivirus software.

3. Acquire and use a reliable firewall solution. Again, independent reviewers are your best bet for reasonable choices. Some operating systems come with a firewall which only filters incoming traffic. Use a firewall that can control both incoming and outgoing Internet traffic.

4. Do not open e-mails coming from unknown or distrusted sources. Many viruses spread via e-mail messages, so please ask for a confirmation from the sender if you are in any doubt.

5. Do not open the attachments of messages with a suspicious or unexpected subject. If you want to open them, first save them to your hard disk and scan them with an updated antivirus program.

6. Delete any chain e-mails or unwanted messages. Do not forward them or reply to their senders. Messages of this kind are considered spam because they are undesired and unsolicited, and they overload Internet traffic.

7. Avoid installing services and applications which are not needed in day-to-day operations in a desktop role, such as file transfer and file sharing servers, remote desktop servers and the like. Such programs are potential hazards, and should not be installed if not absolutely necessary.

8. Update your system and applications as often as possible. Some operating systems and applications can be set to update automatically. Make full use of this facility. Failure to patch your system often enough may leave it vulnerable to threats for which fixes already exist.

9. Do not copy any file if you don’t know or don’t trust its source. Check the source (provenance) of files you download and make sure that an antivirus program has already verified the files at their source.

10. Make backups of important personal files (correspondence, documents, pictures and such) on a regular basis. Store these copies on removable media such as CD or DVD. Keep your archive in a different location than the one your computer is in.

Anubis is sponsored by Secure Business Austria and developed by the International Secure Systems Lab. We are a small team of enthusiastic security professionals doing research in the field of computer security and malware analysis. Our goal is to provide interested and advanced computer users with a tool that helps in combatting malware. This is why we provide this service free of charge.

 

Anubis is a tool for analyzing the behavior of Windows PE-executables with special focus on the analysis of malware. Execution of Anubis results in the generation of a report file that contains enough information to give a human user a very good impression about the purpose and the actions of the analyzed binary. The generated report includes detailed data about modifications made to the Windows registry or the file system, about interactions with the Windows Service Manager or other processes and, of course, it logs all generated network traffic. The analysis is based on running the binary in an emulated environment and watching, i.e. analyzing, its execution. The analysis focuses on the security-relevant aspects of a program’s actions, which makes the analysis process easier, and because the domain is more fine-grained, it allows for more precise results. It is the ideal tool for the malware and virus interested person to get a quick understanding of the purpose of an unknown binary.

Anubis is the result of more than three years of programming and research. We have designed Anubis to be an open framework for malware analysis that allows the easy integration of other tools and research artifacts. This will allow us to integrate new research prototypes produced by our group into Anubis as soon as their code base is stable enough.

http://analysis.iseclab.org/