Apress / malware-analysis-detection-engineering

Source Code for 'Malware Analysis and Detection Engineering' by Abhijit Mohanta and Anoop Saldanha

Samples 10-5 and 10-7 seem not to be working properly #3

Open PranaKn opened 7 months ago

PranaKn commented 7 months ago

Hi Guys,

Thank you for this awesome book!

I read all chapters through to chapter 10. All the samples worked wonderfully. But I had a few issues with samples 10-5 and 10-7.

Neither of them seems able to inject the DLL provided. They manage to find the DLL but for some reason don't create the thread.

Is there anything I can do to find out how to fix this issue?

I tried using different paths and switching from forward slash to backward slash. I also gave the binary different kinds of permissions. But it didn't seem to work.

I'm open to providing whatever information is needed.

I'm currently running my lab on a Windows 10 machine with all AV features disabled. FlareVM has also been run there.

[screenshot attachment: MalwareAnalysisAndDetectionEng1.png]

poona commented 7 months ago

Hi,

The samples have been tested to work on Win 7 32-bit, so they may or may not work on Win 10 machines. Are you on Win 10 32-bit?

On Tue, 27 Feb 2024 at 02:38, Prana @.***> wrote:

-- Anoop Saldanha

PranaKn commented 7 months ago

Hi poona,

Thanks for the reply.

Oh, I see... My mistake.

No, Win 10 64-bit.
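The exchange above ends with a sample tested on 32-bit Windows 7 failing on 64-bit Windows 10. A check worth running before digging into the injector itself is whether the injector, the DLL it loads and the target process are all the same architecture: the Windows loader refuses to map a 32-bit DLL into a 64-bit process (and vice versa), and a 32-bit injector on a 64-bit host runs under WOW64 and can only inject into other 32-bit processes. The following is an added example, not code from the book or from this repository; it reads the COFF `Machine` field from a PE file so the three binaries can be compared on disk. The file names in the usage note (`injector.exe`, `payload.dll`, `target.exe`) are placeholders, not the book's sample names, and the header bytes built by `make_sample` are constructed for the self-test, not a real binary.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* COFF Machine values from the PE/COFF specification. */
#define PE_MACHINE_I386  0x014c
#define PE_MACHINE_AMD64 0x8664
#define PE_MACHINE_ARM64 0xaa64

/* Return the COFF Machine field of the PE image held in buf, or 0 if buf
   is not a well-formed PE image (bad MZ/PE signatures or truncated headers). */
uint16_t pe_machine(const unsigned char *buf, size_t len)
{
    if (len < 0x40 || buf[0] != 'M' || buf[1] != 'Z')
        return 0;
    /* e_lfanew at offset 0x3c gives the file offset of the PE signature. */
    uint32_t e_lfanew = (uint32_t)buf[0x3c] | ((uint32_t)buf[0x3d] << 8) |
                        ((uint32_t)buf[0x3e] << 16) | ((uint32_t)buf[0x3f] << 24);
    /* Need "PE\0\0" plus the 20-byte COFF file header after it. */
    if (e_lfanew > len || len - e_lfanew < 4 + 20)
        return 0;
    const unsigned char *pe = buf + e_lfanew;
    if (memcmp(pe, "PE\0\0", 4) != 0)
        return 0;
    /* Machine is the first field of the COFF header, little-endian. */
    return (uint16_t)(pe[4] | ((uint16_t)pe[5] << 8));
}

const char *pe_machine_name(uint16_t m)
{
    switch (m) {
    case PE_MACHINE_I386:  return "x86 (32-bit)";
    case PE_MACHINE_AMD64: return "x64 (64-bit)";
    case PE_MACHINE_ARM64: return "ARM64";
    case 0:                return "not a PE image";
    default:               return "other";
    }
}

/* A DLL can only be mapped into a process of the same architecture. */
int pe_can_load(uint16_t process_machine, uint16_t dll_machine)
{
    return process_machine != 0 && process_machine == dll_machine;
}

/* Read just the headers of a file and report its Machine value (0 on error). */
uint16_t pe_machine_of_file(const char *path)
{
    unsigned char buf[4096];
    FILE *f = fopen(path, "rb");
    if (!f)
        return 0;
    size_t n = fread(buf, 1, sizeof buf, f);
    fclose(f);
    return pe_machine(buf, n);
}

/* Constructed test data: a minimal MZ stub with the PE signature at 0x80.
   Returns the number of bytes written, or 0 if cap is too small. */
size_t make_sample(unsigned char *out, size_t cap, uint16_t machine)
{
    const size_t total = 0x80 + 4 + 20;
    if (cap < total)
        return 0;
    memset(out, 0, total);
    out[0] = 'M'; out[1] = 'Z';
    out[0x3c] = 0x80;                 /* e_lfanew = 0x80 */
    memcpy(out + 0x80, "PE\0\0", 4);
    out[0x84] = (unsigned char)(machine & 0xff);
    out[0x85] = (unsigned char)(machine >> 8);
    return total;
}

/* Usage: pe_machine_check injector.exe payload.dll target.exe */
int main(int argc, char **argv)
{
    if (argc != 4) {
        fprintf(stderr, "usage: %s injector.exe payload.dll target.exe\n", argv[0]);
        return 2;
    }
    uint16_t inj = pe_machine_of_file(argv[1]);
    uint16_t dll = pe_machine_of_file(argv[2]);
    uint16_t tgt = pe_machine_of_file(argv[3]);
    printf("injector: %s\ndll:      %s\ntarget:   %s\n",
           pe_machine_name(inj), pe_machine_name(dll), pe_machine_name(tgt));
    if (!pe_can_load(tgt, dll))
        printf("mismatch: the target cannot load this DLL\n");
    else if (inj != tgt)
        printf("mismatch: injector and target differ in architecture\n");
    else
        printf("architectures agree\n");
    return 0;
}
```

The check works on the files only; it does not inspect a running process, so if the target is started by name it should be the same image you pass here. A "mismatch" line is a reason the thread would never be created regardless of paths or permissions; "architectures agree" rules that cause out and points the investigation elsewhere.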