
Network Information API's

List of network APIs used by malware, dude :)

  • GetAdaptersInfo: Retrieves information about the network adapters on the local system, including IP addresses, MAC addresses, and network interface statistics.

  • GetNetworkParams: Provides information about network configuration parameters, such as the DNS suffix and the list of DNS servers.

  • gethostbyname: Resolves a hostname to an IP address, often used for connecting to remote servers.

  • gethostbyaddr: Resolves an IP address to a hostname, which can be used to identify remote hosts.

  • WSAEnumInterfaces: Lists all network interfaces on the system, including details about each interface's status and configuration.

  • WSAGetLastError: Retrieves the error code for the last network-related operation, useful for troubleshooting network communications.

  • InternetOpen: Opens a handle to the WinINet library, allowing applications to make network requests, such as connecting to HTTP or FTP servers.

  • InternetOpenUrl: Opens a URL and retrieves data from a specified address, often used by malware to download additional payloads or exfiltrate data.

  • socket: Creates a network socket, allowing malware to establish connections over the network.

  • connect: Connects a socket to a specified address and port, enabling communication with remote servers.

  • recv and send: Receive and send data over a network socket, used to transfer information between the malware and remote servers.

  • GetAdaptersAddresses: Retrieves detailed information about the network interfaces, including IP addresses and other network configuration details.

  • DnsQuery: Performs DNS queries to resolve domain names to IP addresses, often used by malware to contact command-and-control servers.
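
For static triage, the list above can be turned into a check over the identifiers found in a sample's import name table. This is an added example, not code from the original page; the capability group names, the `review` rule (interface enumeration combined with an outbound channel) and the sample bytes are assumptions made for illustration.

```python
import re

# Export names as they appear in import tables (Winsock names are lowercase).
CAPABILITIES = {
    "interface_enum": {"GetAdaptersInfo", "GetAdaptersAddresses", "GetNetworkParams"},
    "name_resolution": {"gethostbyname", "gethostbyaddr", "DnsQuery"},
    "http_wininet": {"InternetOpen", "InternetOpenUrl"},
    "raw_socket": {"socket", "connect", "send", "recv"},
}
IDENT = re.compile(rb"[A-Za-z_][A-Za-z0-9_]{3,}")


def base_names(name):
    """Yield the name plus its forms with ANSI/Unicode suffixes removed."""
    yield name
    if name[-1:] in ("A", "W"):
        yield name[:-1]               # InternetOpenUrlA -> InternetOpenUrl
    if "_" in name:
        yield name.rsplit("_", 1)[0]  # DnsQuery_W -> DnsQuery


def network_capabilities(blob):
    """Map capability -> sorted API names found as whole identifiers in blob."""
    found = {}
    for match in IDENT.finditer(blob):
        ident = match.group().decode("ascii")
        for cand in base_names(ident):
            for cap, apis in CAPABILITIES.items():
                if cand in apis:
                    found.setdefault(cap, set()).add(ident)
    return {cap: sorted(names) for cap, names in found.items()}


def triage(blob):
    """Flag samples that can both profile the host network and talk outbound."""
    caps = network_capabilities(blob)
    outbound = {"http_wininet", "raw_socket"} & caps.keys()
    recon = {"interface_enum"} & caps.keys()
    return {"capabilities": caps, "review": bool(outbound and recon)}


# Constructed sample: hint/name entries laid out like a PE import name table.
SAMPLE = b"".join(b"\x00\x00" + n + b"\x00" for n in [
    b"GetAdaptersAddresses", b"DnsQuery_W", b"InternetOpenUrlA",
    b"InternetOpenA", b"Disconnect", b"CreateFileW",
])

if __name__ == "__main__":
    print(triage(SAMPLE))
```

Names are matched as whole identifiers, so `Disconnect` does not count as `connect`. A sample that resolves these functions at run time will not show them in its imports, so an empty result is not evidence of absence.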

Last updated 10 months ago

🐁
🍩
🌀
Page cover image