Buy Signature subscribers

Malware Signatures

ClamAV is an open-source anti-virus engine designed to detect viruses, Trojans, malware and other threats. It supports multiple file formats (documents, executables or archives), uses multi-threaded scanner features and receives updates 3-4 times a day for its signature database. Additionally, we are updating our database, so the user will get improved results. Benefits of using … Read more

Why choose Malware Expert Commercial ModSecurity Rules?

ModSecurity

No matter how well a web server is configured, it is useless if it’s not properly secured. It’s a famous saying, ‘a chain is as strong as its weakest link’. As a system admin you have to address all vulnerabilities of your server. Since one single untreated vulnerability will be exploited by an attacker and … Read more

load_all.jar

Malware details

Today we found Java-based malware. If an attacker finds a file upload vulnerability on the server, they upload the manual.php malware, which tries to load load_all.jar onto the server and run it in the background.

Manual.php

$out = shell_exec("java -version 2>&1");
preg_match("/version\s+\"1\.(\d+)\./", $out, $matches);
$ver = 0;
if ($matches) $ver = (int)$matches[1];

This manual.php uses a lot of shell_exec function calls, but if you have … Read more

Proc.php trying to inject header.php files

Malware details

When this malware is successfully uploaded to a customer website and accessed with a GET request, it searches backward through files and folders, looking for header.php files.

indexEditor

When all folders and files have been searched and header.php files found, it tries to patch malicious code into the header.php file.

Malicious code

At the beginning, this malware has CODE which is added to the wanted files: Final … Read more