Closed

reverse malware that self-closes upon finding open handles to its process

Hi,

I am trying to debug a malware which can find all open handles to itself and self-closes if one is found. Due to this I am having very little success when trying to WriteProcessMemory to it. I need someone who can figure out how the process is doing this and circumvent this functionality so I can continue my work. I have looked at calls to NtQuerySystemInformation but there aren't any that use SystemHandleInformation, so perhaps there is another way of enumerating open handles?

This will require knowledge of Windows/kernel API functions, debugging and reverse engineering.

Please post in your bid how you will go about this project and how long it will take. I am not interested in copy/pasted CVs.

Regards.

Skills: C++ Programming, Debugging, Software Architecture, Windows Desktop


About the Employer:
(71 reviews) Stockholm, Sweden

Project ID: #4768863

9 freelancers are bidding on average $22/hour for this job

honeypotant

Dear Sir. I'm very interested in your job post involving these skills. I have 7 years experience in C/C++. I have consistently delivered projects on time and under budget, which has earned us many positive rating

$25 USD / hour
(12 Reviews)
5.1
amelnyk

I can help. More in PMB

$25 USD / hour
(22 Reviews)
5.1
hbxfnzwpf

I can do this. I designed such an exclusive program before, and I know how to avoid it. Please let an expert help you.

$21 USD / hour
(19 Reviews)
4.8
MohamedWinNT

Check PM ...

$22 USD / hour
(15 Reviews)
4.7
kandamunlabs

Hi, I am interested in this project. Will you share a sample of this malware with me?

$22 USD / hour
(15 Reviews)
4.5
xn2oc

Hello. I exhibit reverse engineering daily. I have a few ideas about circumventing the protection features this malware has in place. More details in PM.

$25 USD / hour
(3 Reviews)
2.9
pak0079

I can do that.

$22 USD / hour
(1 Review)
0.8
Yagosh

Check PM please.

$20 USD / hour
(0 Reviews)
0.0
virudoken

Hi. Please check my PM.

$22 USD / hour
(0 Reviews)
0.0
Coldzer01

Check PM Plz ..

$22 USD / hour
(0 Reviews)
0.0