Any Additional Considerations to Testing Malware in Windows XP SP3 32 bit?

Status
Not open for further replies.

AtlBo

Level 28
Thread author
Verified
Top Poster
Content Creator
Well-known
Dec 29, 2014
1,711
Really just want to test responses of Comodo Firewall and some other programs (non-sig based security) to simple unknown malware samples. Hope to be able to chronicle the auto-changes to security program settings associated with user choices on alerts etc. Are there any special considerations to doing this in a Windows XP SP3 32 bit VM?

One other thing. Is there a best place/way to find non-ransomware malware?
 
Reactions: Sunshine-boy
Deleted member 178

Really just want to test responses of Comodo Firewall and some other programs (non-sig based security) to simple unknown malware samples. Hope to be able to chronicle the auto-changes to security program settings associated with user choices on alerts etc. Are there any special considerations to doing this in a Windows XP SP3 32 bit VM?
I won't use XP personally, better Win7 (which is closer to Win8/10)

One other thing. Is there a best place/way to find non-ransomware malware?
Did you check our malware hub?
 
509322

Really just want to test responses of Comodo Firewall and some other programs (non-sig based security) to simple unknown malware samples. Hope to be able to chronicle the auto-changes to security program settings associated with user choices on alerts etc. Are there any special considerations to doing this in a Windows XP SP3 32 bit VM?

One other thing. Is there a best place/way to find non-ransomware malware?

hybrid-analysis.com
malwr.com

You'll find anything you want as long as you know what you're looking for and how to look for it.

Use the Search and Advanced Search functions. You'll figure it out. Find articles that analyze a malware and give hashes. Then search by hash. You can also search by name.
 

AtlBo

I won't use XP personally, better Win7 (which is closer to Win8/10)

Did you check our malware hub?

Not yet. I'm just going to be testing some program mechanisms mostly so I just need some "unrecognized" files. For example, I'd like to test Comodo's command-line heuristics against unrec files and then maybe BB element of 360 and some others. If I do any serious testing I'll use W7 or W10. Doubt that will be soon tho.

I'll check the malware hub, thanks. Mostly I was looking for any information on securing the VM. Is there anything extra I need to do? I'll install Windscribe on the VM to start and turn off the sharing.

hybrid-analysis.com
malwr.com

You'll find anything you want as long as you know what you're looking for and how to look for it.

Great. That's what I need. Sounds like I can find standard low-medium danger malware. That's what I would like to start with. Going to set up the VM tonight and get the updates done for Windows. Might as well give it as much of a fighting chance as possible I suppose.

Hope I can come out of this in a couple of months with some nice pic sequences for various settings choices in some programs. Also, MAYBE a video on command-line protection in Comodo. Not sure what exactly at this point.
 
Reactions: Sunshine-boy

EASTER

Level 4
Verified
Well-known
May 9, 2017
145
Not yet. I'm just going to be testing some program mechanisms mostly so I just need some "unrecognized" files. For example, I'd like to test Comodo's command-line heuristics against unrec files and then maybe BB element of 360 and some others. If I do any serious testing I'll use W7 or W10. Doubt that will be soon tho.

I'll check the malware hub, thanks. Mostly I was looking for any information on securing the VM. Is there anything extra I need to do? I'll install Windscribe on the VM to start and turn off the sharing.



Great. That's what I need. Sounds like I can find standard low-medium danger malware. That's what I would like to start with. Going to set up the VM tonight and get the updates done for Windows. Might as well give it as much of a fighting chance as possible I suppose.

Hope I can come out of this in a couple of months with some nice pic sequences for various settings choices in some programs. Also, MAYBE a video on command-line protection in Comodo. Not sure what exactly at this point.

Whatta champ.

As mentioned you will find exactly those m'wares you will like to pit against Comodo and others.
Save a clean VM snap or two and should be good to go.

Reason I mention "champ" is because most folks have all but put XP in their rear view mirror for good but you can read a good many others actually still favor it and some even have that system pretty well clamped down which really isn't so hard to do after all in spite of things after you learn how.

Have a safe time of it and we look forward to seeing those results on the other end.
 
Reactions: AtlBo

AtlBo

Whatta champ.

@EASTER. I feel like I've been through a championship boxing title fight about right now...or maybe MMA :D. Not sure the VM is perfect yet, but I can't think of anything but a security program and malware next. 300 updates or whatever it was. Don't want to grab a snapshot until I am a little bit more sure.

For now, I could end up posting a thread for test requests for questions about Comodo and was thinking of ReHIPS once I have some time to establish a routine and get some experience. Could be others too, but I am steering away from sigs to the mechanical side testing in XP. Generally, the idea is to get a full handle on settings choices<->alerts choices<->unblock choices and how they affect each other and security file trust ratings. I want to see how the Comodo heuristics by itself does against malware for example. I know it will lose some if not many, but what I would like to know is how effective it is when there is command-line.

Only gave XP 2 gigs, but it seems to be doing OK in the VM...default 16 MB of video memory might be a question mark tho.

One thing I need is a browser. Anybody have an opinion for a browser for XP? Don't know what I can run....maybe SlimJet?
 