Heuristic Analysis And Disassembly (Antivirus In Vb.net)

VB.NET assembly

#1 CodeBlue

Posted 10 June 2012 - 09:41 PM

I know this topic is not answered in just a few short words, but I am having problems finding anything usable, example-wise, when trying to find a starting position to this thing.
What I understand about heuristics may be a lot to some and maybe nothing compared to what I will need to know, but here goes everything!!

My understanding of heuristics is that it may have many parts, including two types of detection methods, being rule based or weight based. With that being said, rule based is a behavior type detection that is usually executed within a virtual environment, so as to not infect the actual filesystem, to then monitor the code being executed. Weight based detection may focus on such things as the file size, creation date etc. etc.... I have also researched static and dynamic methods, and even though I understand most of what's being said, there are no examples of anything anywhere except for complicated math examples which no one but the person who wrote them can understand...... I am looking for a few things here...

Disassembly for Win32 x86 native code (VB6 program included in attached files)
Emulation environment (able to call within VB.NET), e.g. VMware
Static analysis ? List of conditions to satisfy (FLAGS)
Dynamic analysis ? List of conditions to satisfy (FLAGS)
Matching strings from database using wildcards ? (Improving scanning speeds)


I am in bad need of someone to convert the VB6 disassembler that I have included in this post to VB.NET code, by either converting the program to a DLL with a short explanation of how to call it in VB.NET, or the much more complicated task of rewriting it, as I do not understand the VB6 language.


Please, please help, as I cannot go any further with my level of understanding at this point.

Thank you all very much for any input you might have!!

Attached Files


  • 0
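
An added example, not part of the original post or its attachment: one way to match byte signatures containing wildcards in VB.NET, for the "matching strings from database using wildcards" item in the question. The module and function names, the `??` wildcard syntax and the sample buffer are assumptions constructed for illustration. The speed-up shown is to jump between candidate offsets with `Array.IndexOf` on the first fixed byte instead of testing every offset.

```vbnet
Imports System

Module WildcardSignatureDemo
    ' Parse a pattern such as "55 8B ?? C3" into integers; -1 marks a wildcard byte.
    Function ParsePattern(text As String) As Integer()
        Dim parts = text.Split(New Char() {" "c}, StringSplitOptions.RemoveEmptyEntries)
        Dim pat(parts.Length - 1) As Integer
        For i = 0 To parts.Length - 1
            pat(i) = If(parts(i) = "??", -1, Convert.ToInt32(parts(i), 16))
        Next
        Return pat
    End Function

    ' Return the first offset in data where the pattern matches, or -1 if none.
    Function FindPattern(data As Byte(), pat As Integer()) As Integer
        If pat.Length = 0 OrElse pat.Length > data.Length Then Return -1
        ' Use the first non-wildcard byte as an anchor for fast skipping.
        Dim anchor = Array.FindIndex(pat, Function(p) p >= 0)
        If anchor < 0 Then Return 0 ' a pattern of only wildcards matches at offset 0
        Dim anchorByte = CByte(pat(anchor))
        Dim pos = Array.IndexOf(Of Byte)(data, anchorByte, anchor)
        While pos >= 0 AndAlso pos - anchor + pat.Length <= data.Length
            Dim start = pos - anchor
            Dim ok = True
            For j = 0 To pat.Length - 1
                If pat(j) >= 0 AndAlso data(start + j) <> pat(j) Then
                    ok = False
                    Exit For
                End If
            Next
            If ok Then Return start
            pos = Array.IndexOf(Of Byte)(data, anchorByte, pos + 1)
        End While
        Return -1
    End Function

    Sub Main()
        ' Constructed sample buffer and signatures, not taken from any real file.
        Dim data As Byte() = {&H90, &H90, &H55, &H8B, &HEC, &H83, &HEC, &H10,
                              &HE8, &H12, &H34, &H56, &H78, &HC3}
        Dim sigs = {"55 8B EC 83 EC ?? E8 ?? ?? ?? ?? C3", "DE AD ?? EF"}
        For Each s In sigs
            Console.WriteLine("{0} -> offset {1}", s, FindPattern(data, ParsePattern(s)))
        Next
    End Sub
End Module
```
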

#2 antivirusDev

Posted 25 October 2013 - 06:24 AM

Add me, I'm a programmer and working on AV too.

skype : emokirov95


  • 0




