Contents
3cx
3CX Supply Chain Attack • Mar 30, 2023
_LDR_DATA_TABLE_ENTRY
Rhadamanthys • Jan 19, 2023
_LIST_ENTRY
Rhadamanthys • Jan 19, 2023
advobfuscator
Extended ADVObfuscator • Oct 15, 2023
ADVObfuscator • Oct 8, 2023
AgentTesla
XORStringsNet • Apr 16, 2023
agenttesla
Origin Logger • Oct 22, 2023
AgentTesla • Nov 17, 2022
alphagolang
Titan Stealer • Dec 1, 2022
Laplace Clipper • Nov 27, 2022
amadey
AutoIt Credential Flusher • Sep 11, 2024
Amadey Loader • Nov 13, 2022
Triage Amadey Loader • May 29, 2022
AMSI
AMSI Bypass In The Wild • May 28, 2023
analysis
in2al5dp3in4er Loader • Apr 23, 2023
angr
Emotet Deobfuscation Generic Solution • Apr 20, 2022
Symbolic Execution For Deobfuscation The Basics • Apr 13, 2022
Emotet Deobfuscation • Apr 6, 2022
Angr Control Flow Deobfuscation • Mar 26, 2022
anti-debug
Guloader • Dec 16, 2022
anti-detection
AMSI Bypass In The Wild • May 28, 2023
APT
Hermetic Wizard Malware • Mar 10, 2022
Hermetic Wiper Malware • Feb 27, 2022
apt
3CX Supply Chain Attack • Mar 30, 2023
ares
AresLoader • Apr 2, 2023
aresloader
AresLoader • Apr 2, 2023
asyncrat
AMSI Bypass In The Wild • May 28, 2023
attack crypter
Attack Crypter • Aug 27, 2023
autoit
AutoIt Credential Flusher • Sep 11, 2024
automation
Threat Intel - Building A Simple Botnet Tracker • Oct 13, 2022
avkiller
Healer AVKiller • Mar 15, 2023
Bandit
Bandit Stealer Garbled • Jul 31, 2023
bitrat
BitRat Exposed • Oct 20, 2022
blackcat
BlackCat Ransomware • Mar 16, 2022
blackmatter
BlackMatter Ransomware ESXi ELF Config • Nov 5, 2021
BlackMatter Ransomware Version 3 • Oct 30, 2021
BlackMatter Ransomware • Oct 28, 2021
bokbot
PhotoLoader ICEDID • Apr 6, 2023
bot
Lobshot • Jul 16, 2023
botnet
CryptBot Evolution • Dec 6, 2024
CryptBot • Mar 16, 2023
Threat Intel - Building A Simple Botnet Tracker • Oct 13, 2022
boymoderre
Brute Ratel • Dec 11, 2022
brute ratel
Brute Ratel • Dec 11, 2022
bumblebee
Bumblebee Loader • May 12, 2022
cff
Lumma Stealer Obfuscation • Apr 7, 2024
Chaos
Quasar Chaos • Apr 13, 2023
clipboard
Clipboard Hijacker Detection • Sep 18, 2022
cobaltstrike
Cobalt Strike Analysis • Jun 9, 2022
config
CryptBot Evolution • Dec 6, 2024
Spectre Ops • Nov 21, 2024
Latrodectus • Sep 30, 2024
SparkRAT • Oct 29, 2023
Origin Logger • Oct 22, 2023
LimeRAT • Aug 17, 2023
Truebot • Jul 13, 2023
Status Recorder • Jul 6, 2023
RisePro Triage • Jun 15, 2023
PhotoLoader ICEDID • Apr 6, 2023
CryptBot • Mar 16, 2023
PikaBot • Feb 26, 2023
Rhadamanthys • Jan 19, 2023
Guloader • Dec 16, 2022
Tofsee • Nov 20, 2022
Amadey Loader • Nov 13, 2022
BitRat Exposed • Oct 20, 2022
Icarus Stealer - What is it? • Oct 9, 2022
ISFB / GOZI / RM3 Config Extraction • Oct 6, 2022
PrivateLoader Triage • Sep 8, 2022
DbatLoader Triage • Sep 4, 2022
SmokeLoader Triage • Aug 25, 2022
Cobalt Strike Analysis • Jun 9, 2022
Triage Amadey Loader • May 29, 2022
Emotet x64 Stack Strings Config Emulation • May 19, 2022
Jupyter Infostealer • Jan 30, 2022
Qakbot / Qbot • Dec 22, 2021
Dridex (DoppelDridex) Loader • Nov 30, 2021
Emotet Config Extractor • Nov 18, 2021
BlackMatter Ransomware ESXi ELF Config • Nov 5, 2021
BlackMatter Ransomware Version 3 • Oct 30, 2021
BlackMatter Ransomware • Oct 28, 2021
Darkside Ransomware • Oct 8, 2021
Hancitor • Oct 4, 2021
SquirrelWaffel Config Extraction • Sep 27, 2021
WarZone RAT • May 31, 2021
conti
Conti Ransomware V2 Source Code Leak • Mar 3, 2022
core
DanaBot Core • Dec 17, 2023
cosmu
COSMU File Infector • Apr 28, 2024
cpp
Spectre Ops • Nov 21, 2024
Mystic Stealer • Oct 1, 2023
Tofsee • Nov 20, 2022
Amadey Loader • Nov 13, 2022
C++ STL Types • Nov 6, 2022
BitRat Exposed • Oct 20, 2022
creal
Python Malware Triage - Creal Stealer • May 12, 2024
creal-stealer
Python Malware Triage - Creal Stealer • May 12, 2024
credflusher
AutoIt Credential Flusher • Sep 11, 2024
cryptbot
CryptBot Evolution • Dec 6, 2024
CryptBot • Mar 16, 2023
cryptnet
CryptNET Ransomware • Apr 20, 2023
crypto
Ledger Live Crypto Wallet Attack • Nov 5, 2023
danabot
DanaBot Core • Dec 17, 2023
DanaBot Triage • Dec 4, 2023
darkside
Darkside Ransomware • Oct 8, 2021
dbatloader
Threat Intel - Building A Simple Botnet Tracker • Oct 13, 2022
DbatLoader Triage • Sep 4, 2022
debugging
New Gcleaner • Mar 17, 2024
PikaBot Is Back With a Vengeance - Part 2 • Nov 19, 2023
PikaBot Is Back With a Vengeance • Nov 12, 2023
Guloader • Dec 16, 2022
decryption
XORSTR Generic String Decryption • Jun 25, 2023
delivery
Triage Malware Delivery Chain • Jul 2, 2023
delphi
DanaBot Core • Dec 17, 2023
DanaBot Triage • Dec 4, 2023
DbatLoader Triage • Sep 4, 2022
deobfuscation
Emotet Deobfuscation Generic Solution • Apr 20, 2022
Symbolic Execution For Deobfuscation The Basics • Apr 13, 2022
Emotet Deobfuscation • Apr 6, 2022
Angr Control Flow Deobfuscation • Mar 26, 2022
detection_engineering
Malware Downloader Triage Notes • Jun 12, 2022
DGA
Metastealer • May 11, 2023
diceloader
Diceloader Triage Notes • Jun 16, 2022
dnlib
Dot NET Static Analysis With Python • Jul 14, 2021
doppeldridex
Dridex (DoppelDridex) Loader • Nov 30, 2021
Dot NET
Jupyter Infostealer • Jan 30, 2022
Dot NET Static Analysis With Python • Jul 14, 2021
dotnet
Ledger Live Crypto Wallet Attack • Nov 5, 2023
Origin Logger • Oct 22, 2023
Attack Crypter • Aug 27, 2023
LimeRAT • Aug 17, 2023
Triage Malware Delivery Chain • Jul 2, 2023
CryptNET Ransomware • Apr 20, 2023
XORStringsNet • Apr 16, 2023
Healer AVKiller • Mar 15, 2023
QvoidStealer • Mar 12, 2023
AgentTesla • Nov 17, 2022
Icarus Stealer - What is it? • Oct 9, 2022
downloader
Attack Crypter • Aug 27, 2023
Diceloader Triage Notes • Jun 16, 2022
Malware Downloader Triage Notes • Jun 12, 2022
Reversing Unknown Polyglot JPG Downloader • Feb 20, 2022
dridex
Dridex (DoppelDridex) Loader • Nov 30, 2021
dumpulator
Dumpulator VEH • Jan 15, 2023
Matanbuchus Triage Notes • Jun 19, 2022
Cobalt Strike Analysis • Jun 9, 2022
Emotet x64 Stack Strings Config Emulation • May 19, 2022
Pandora Ransomware • Mar 19, 2022
BlackCat Ransomware • Mar 16, 2022
elf
BlackMatter Ransomware ESXi ELF Config • Nov 5, 2021
Emmenhtal
Emmenhtal • Sep 16, 2024
emotet
OneNote WSF Malware (Emotet) • Mar 19, 2023
Emotet x64 Stack Strings Config Emulation • May 19, 2022
Emotet 64-bit • Apr 30, 2022
Emotet Deobfuscation Generic Solution • Apr 20, 2022
Emotet Deobfuscation • Apr 6, 2022
Emotet Config Extractor • Nov 18, 2021
emulation
Latrodectus • Sep 30, 2024
PikaBot Is Back With a Vengeance - Part 2 • Nov 19, 2023
Go Stack Strings • Sep 3, 2023
Dumpulator VEH • Jan 15, 2023
Guloader • Dec 16, 2022
Matanbuchus Triage Notes • Jun 19, 2022
Cobalt Strike Analysis • Jun 9, 2022
Emotet x64 Stack Strings Config Emulation • May 19, 2022
Pandora Ransomware • Mar 19, 2022
BlackCat Ransomware • Mar 16, 2022
emulator
Emulating Themida • Jul 12, 2024
encryption
New Gcleaner • Mar 17, 2024
entropy
Does Entropy Matter? A Pseudoscientific Study! • May 26, 2022
exceptions
Dumpulator VEH • Jan 15, 2023
fileinfector
COSMU File Infector • Apr 28, 2024
garble
Golang Garble String Decryption • Aug 3, 2023
Bandit Stealer Garbled • Jul 31, 2023
gcleaner
New Gcleaner • Mar 17, 2024
gh0st
Reversing Unknown Polyglot JPG Downloader • Feb 20, 2022
ghost rat
Reversing Unknown Polyglot JPG Downloader • Feb 20, 2022
github
GitHub Bug Used to Infect Game Hackers With Lua Malware • Mar 3, 2024
Glubteba
Glubteba • Jul 24, 2023
go
Golang Garble String Decryption • Aug 3, 2023
Bandit Stealer Garbled • Jul 31, 2023
golang
SparkRAT • Oct 29, 2023
Go Stack Strings • Sep 3, 2023
Titan Stealer • Dec 1, 2022
Laplace Clipper • Nov 27, 2022
goresym
Titan Stealer • Dec 1, 2022
Laplace Clipper • Nov 27, 2022
gozi
ISFB / GOZI / RM3 Config Extraction • Oct 6, 2022
guloader
Dumpulator VEH • Jan 15, 2023
Guloader • Dec 16, 2022
hackingteam
HackingTeam Soldier Implant • Jan 27, 2022
hancitor
Hancitor • Oct 4, 2021
healer
Healer AVKiller • Mar 15, 2023
hermetic
Hermetic Wizard Malware • Mar 10, 2022
Hermetic Wiper Malware • Feb 27, 2022
hermetic wiper
Hermetic Wiper Malware • Feb 27, 2022
hermetic wizard
Hermetic Wizard Malware • Mar 10, 2022
hijacker
Clipboard Hijacker Detection • Sep 18, 2022
hvnc
Lobshot • Jul 16, 2023
icarus
Icarus Stealer - What is it? • Oct 9, 2022
icedid
PhotoLoader ICEDID • Apr 6, 2023
ida
Lumma Stealer Obfuscation • Apr 7, 2024
Titan Stealer • Dec 1, 2022
Laplace Clipper • Nov 27, 2022
IDA
Rhadamanthys • Jan 19, 2023
in2al5dp3in4er
in2al5dp3in4er Loader • Apr 23, 2023
intel
SoulSearcher Worm • Feb 16, 2023
invalid printer
in2al5dp3in4er Loader • Apr 23, 2023
isfb
ISFB / GOZI / RM3 Config Extraction • Oct 6, 2022
jupyter
Jupyter Infostealer • Jan 30, 2022
kiosk
AutoIt Credential Flusher • Sep 11, 2024
laplace
Laplace Clipper • Nov 27, 2022
Latrodectus
Latrodectus • Sep 30, 2024
legionloader
Satacom (LegionLoader) • Apr 30, 2023
limerat
LimeRAT • Aug 17, 2023
live ledger
Ledger Live Crypto Wallet Attack • Nov 5, 2023
loader
Emmenhtal • Sep 16, 2024
New Gcleaner • Mar 17, 2024
DanaBot Triage • Dec 4, 2023
Glubteba • Jul 24, 2023
Satacom (LegionLoader) • Apr 30, 2023
in2al5dp3in4er Loader • Apr 23, 2023
AresLoader • Apr 2, 2023
PikaBot • Feb 26, 2023
Amadey Loader • Nov 13, 2022
PrivateLoader Triage • Sep 8, 2022
DbatLoader Triage • Sep 4, 2022
SmokeLoader Triage • Aug 25, 2022
Matanbuchus Triage Notes • Jun 19, 2022
Triage Amadey Loader • May 29, 2022
Bumblebee Loader • May 12, 2022
lobshot
Lobshot • Jul 16, 2023
Lockbit
Lockbit 3.0 Ransomware Triage • Jul 7, 2022
lockbit3
Lockbit 3.0 Ransomware Triage • Jul 7, 2022
lua
GitHub Bug Used to Infect Game Hackers With Lua Malware • Mar 3, 2024
lumma
Lumma Stealer Obfuscation • Apr 7, 2024
Magniber
Magniber Ransomware Triage • May 6, 2022
Syscall Reversing • May 3, 2022
malpedia
SoulSearcher Worm • Feb 16, 2023
malware
Triage Amadey Loader • May 29, 2022
Does Entropy Matter? A Pseudoscientific Study! • May 26, 2022
Emotet x64 Stack Strings Config Emulation • May 19, 2022
Bumblebee Loader • May 12, 2022
Magniber Ransomware Triage • May 6, 2022
Syscall Reversing • May 3, 2022
Emotet 64-bit • Apr 30, 2022
Emotet Deobfuscation • Apr 6, 2022
Pandora Ransomware • Mar 19, 2022
BlackCat Ransomware • Mar 16, 2022
Hermetic Wizard Malware • Mar 10, 2022
Conti Ransomware V2 Source Code Leak • Mar 3, 2022
Hermetic Wiper Malware • Feb 27, 2022
Reversing Unknown Polyglot JPG Downloader • Feb 20, 2022
Jupyter Infostealer • Jan 30, 2022
HackingTeam Soldier Implant • Jan 27, 2022
WhisperGate Malware • Jan 20, 2022
Night Sky Ransomware • Jan 6, 2022
Qakbot / Qbot • Dec 22, 2021
Dridex (DoppelDridex) Loader • Nov 30, 2021
Emotet Config Extractor • Nov 18, 2021
BlackMatter Ransomware ESXi ELF Config • Nov 5, 2021
BlackMatter Ransomware Version 3 • Oct 30, 2021
BlackMatter Ransomware • Oct 28, 2021
Darkside Ransomware • Oct 8, 2021
Hancitor • Oct 4, 2021
SquirrelWaffel Config Extraction • Sep 27, 2021
WarZone RAT • May 31, 2021
Matanbuchus
Matanbuchus Triage Notes • Jun 19, 2022
memulator
PikaBot Is Back With a Vengeance - Part 2 • Nov 19, 2023
Metastealer • May 11, 2023
mystic stealer
Mystic Stealer • Oct 1, 2023
night sky
Night Sky Ransomware • Jan 6, 2022
noobsnight
PowerShell Loading Shellcode • Nov 24, 2022
northkorea
3CX Supply Chain Attack • Mar 30, 2023
NullMixer
Satacom (LegionLoader) • Apr 30, 2023
obfuscation
Lumma Stealer Obfuscation • Apr 7, 2024
VM Reverse Engineering Part 2 - Disassembly • Jan 21, 2024
Introduction To VM Protection - VMZeus • Jan 7, 2024
Extended ADVObfuscator • Oct 15, 2023
ADVObfuscator • Oct 8, 2023
Mystic Stealer • Oct 1, 2023
Golang Garble String Decryption • Aug 3, 2023
Bandit Stealer Garbled • Jul 31, 2023
Metastealer • May 11, 2023
onenote
OneNote WSF Malware (Emotet) • Mar 19, 2023
open source
Attack Crypter • Aug 27, 2023
opendir
New Gcleaner • Mar 17, 2024
origin logger
Origin Logger • Oct 22, 2023
pandora
Pandora Ransomware • Mar 19, 2022
PEB
Rhadamanthys • Jan 19, 2023
photoloader
PhotoLoader ICEDID • Apr 6, 2023
pikabot
PikaBot Is Back With a Vengeance - Part 2 • Nov 19, 2023
PikaBot Is Back With a Vengeance • Nov 12, 2023
PikaBot • Feb 26, 2023
polyglot
Reversing Unknown Polyglot JPG Downloader • Feb 20, 2022
polygot
Emmenhtal • Sep 16, 2024
powershell
Triage Malware Delivery Chain • Jul 2, 2023
PowerShell Loading Shellcode • Nov 24, 2022
privateloader
PrivateLoader Triage • Sep 8, 2022
pyinstaller
Python Malware Triage - Creal Stealer • May 12, 2024
python
Python Hunting • Aug 26, 2024
Python Malware Triage - Creal Stealer • May 12, 2024
Extended ADVObfuscator • Oct 15, 2023
ADVObfuscator • Oct 8, 2023
XORSTR Generic String Decryption • Jun 25, 2023
Brute Ratel • Dec 11, 2022
Titan Stealer • Dec 1, 2022
Laplace Clipper • Nov 27, 2022
AgentTesla • Nov 17, 2022
Threat Intel - Building A Simple Botnet Tracker • Oct 13, 2022
ISFB / GOZI / RM3 Config Extraction • Oct 6, 2022
BlackCat Ransomware • Mar 16, 2022
Reversing Tips With Python3 • Jul 26, 2021
Dot NET Static Analysis With Python • Jul 14, 2021
Python3 Tips and Sample Code • Jun 27, 2021
python3
Reversing Tips With Python3 • Jul 26, 2021
Python3 Tips and Sample Code • Jun 27, 2021
qakbot
Qakbot / Qbot • Dec 22, 2021
qbot
Qakbot / Qbot • Dec 22, 2021
Quasar
Quasar Chaos • Apr 13, 2023
QvoidStealer
QvoidStealer • Mar 12, 2023
ransomware
CryptNET Ransomware • Apr 20, 2023
Lockbit 3.0 Ransomware Triage • Jul 7, 2022
Magniber Ransomware Triage • May 6, 2022
Syscall Reversing • May 3, 2022
Pandora Ransomware • Mar 19, 2022
BlackCat Ransomware • Mar 16, 2022
Conti Ransomware V2 Source Code Leak • Mar 3, 2022
Night Sky Ransomware • Jan 6, 2022
BlackMatter Ransomware ESXi ELF Config • Nov 5, 2021
BlackMatter Ransomware Version 3 • Oct 30, 2021
BlackMatter Ransomware • Oct 28, 2021
Darkside Ransomware • Oct 8, 2021
Ransomware
Quasar Chaos • Apr 13, 2023
rat
SparkRAT • Oct 29, 2023
LimeRAT • Aug 17, 2023
Brute Ratel • Dec 11, 2022
BitRat Exposed • Oct 20, 2022
RAT
Quasar Chaos • Apr 13, 2023
redteam
Brute Ratel • Dec 11, 2022
research
Brute Ratel • Dec 11, 2022
Titan Stealer • Dec 1, 2022
Laplace Clipper • Nov 27, 2022
AgentTesla • Nov 17, 2022
Malware Downloader Triage Notes • Jun 12, 2022
Does Entropy Matter? A Pseudoscientific Study! • May 26, 2022
Magniber Ransomware Triage • May 6, 2022
Syscall Reversing • May 3, 2022
Emotet Deobfuscation Generic Solution • Apr 20, 2022
Symbolic Execution For Deobfuscation The Basics • Apr 13, 2022
Emotet Deobfuscation • Apr 6, 2022
Angr Control Flow Deobfuscation • Mar 26, 2022
Reversing Tips With Python3 • Jul 26, 2021
Dot NET Static Analysis With Python • Jul 14, 2021
Python3 Tips and Sample Code • Jun 27, 2021
rhadamanthys
Rhadamanthys • Jan 19, 2023
risepro
RisePro Triage • Jun 15, 2023
rm3
ISFB / GOZI / RM3 Config Extraction • Oct 6, 2022
RootTeam
RootTeam • Jul 20, 2023
rust
Zharkbot In A RUST Shell • Jul 7, 2024
sandbox
in2al5dp3in4er Loader • Apr 23, 2023
satacom
Satacom (LegionLoader) • Apr 30, 2023
shellcode
PowerShell Loading Shellcode • Nov 24, 2022
shifted pointers
Rhadamanthys • Jan 19, 2023
smoke
SmokeLoader Triage • Aug 25, 2022
smokeloader
SmokeLoader Triage • Aug 25, 2022
socks5systemz
Emulating Themida • Jul 12, 2024
solarmarker
Jupyter Infostealer • Jan 30, 2022
soldier
HackingTeam Soldier Implant • Jan 27, 2022
soulsearcher
SoulSearcher Worm • Feb 16, 2023
source
Conti Ransomware V2 Source Code Leak • Mar 3, 2022
sparkrat
SparkRAT • Oct 29, 2023
spectreops
Spectre Ops • Nov 21, 2024
spreader
Hermetic Wizard Malware • Mar 10, 2022
squirrelwaffel
SquirrelWaffel Config Extraction • Sep 27, 2021
static analysis
Dot NET Static Analysis With Python • Jul 14, 2021
status recorder
Status Recorder • Jul 6, 2023
stealc
AutoIt Credential Flusher • Sep 11, 2024
stealer
AutoIt Credential Flusher • Sep 11, 2024
Ledger Live Crypto Wallet Attack • Nov 5, 2023
Mystic Stealer • Oct 1, 2023
Bandit Stealer Garbled • Jul 31, 2023
RootTeam • Jul 20, 2023
Status Recorder • Jul 6, 2023
RisePro Triage • Jun 15, 2023
Metastealer • May 11, 2023
StrelaStealer • May 7, 2023
QvoidStealer • Mar 12, 2023
Titan Stealer • Dec 1, 2022
stl
Amadey Loader • Nov 13, 2022
C++ STL Types • Nov 6, 2022
stormkitty
Dot NET Static Analysis With Python • Jul 14, 2021
strelastealer
StrelaStealer • May 7, 2023
string decryption
PikaBot Is Back With a Vengeance - Part 2 • Nov 19, 2023
PikaBot Is Back With a Vengeance • Nov 12, 2023
Go Stack Strings • Sep 3, 2023
strings
Spectre Ops • Nov 21, 2024
Extended ADVObfuscator • Oct 15, 2023
ADVObfuscator • Oct 8, 2023
Golang Garble String Decryption • Aug 3, 2023
symbolic execution
Emotet Deobfuscation Generic Solution • Apr 20, 2022
Symbolic Execution For Deobfuscation The Basics • Apr 13, 2022
Emotet Deobfuscation • Apr 6, 2022
Angr Control Flow Deobfuscation • Mar 26, 2022
syscalls
Magniber Ransomware Triage • May 6, 2022
Syscall Reversing • May 3, 2022
themida
Emulating Themida • Jul 12, 2024
threatintel
Threat Intel - Building A Simple Botnet Tracker • Oct 13, 2022
tips
Reversing Tips With Python3 • Jul 26, 2021
Python3 Tips and Sample Code • Jun 27, 2021
titan
Titan Stealer • Dec 1, 2022
tofsee
Tofsee • Nov 20, 2022
Extended ADVObfuscator • Oct 15, 2023
ADVObfuscator • Oct 8, 2023
C++ STL Types • Nov 6, 2022
tracker
Threat Intel - Building A Simple Botnet Tracker • Oct 13, 2022
triage
Zharkbot Strings • Sep 2, 2024
Python Hunting • Aug 26, 2024
Zharkbot In A RUST Shell • Jul 7, 2024
Python Malware Triage - Creal Stealer • May 12, 2024
Glubteba • Jul 24, 2023
RootTeam • Jul 20, 2023
Lobshot • Jul 16, 2023
Truebot • Jul 13, 2023
Status Recorder • Jul 6, 2023
Triage Malware Delivery Chain • Jul 2, 2023
RisePro Triage • Jun 15, 2023
3CX Supply Chain Attack • Mar 30, 2023
OneNote WSF Malware (Emotet) • Mar 19, 2023
Clipboard Hijacker Detection • Sep 18, 2022
PrivateLoader Triage • Sep 8, 2022
DbatLoader Triage • Sep 4, 2022
SmokeLoader Triage • Aug 25, 2022
Lockbit 3.0 Ransomware Triage • Jul 7, 2022
Matanbuchus Triage Notes • Jun 19, 2022
Diceloader Triage Notes • Jun 16, 2022
Malware Downloader Triage Notes • Jun 12, 2022
Triage Amadey Loader • May 29, 2022
truebot
Truebot • Jul 13, 2023
TrustedInstaller
Healer AVKiller • Mar 15, 2023
tutorial
VM Reverse Engineering Part 2 - Disassembly • Jan 21, 2024
Introduction To VM Protection - VMZeus • Jan 7, 2024
Yara Megaprimer • Feb 9, 2023
types
C++ STL Types • Nov 6, 2022
unicorn
Emulating Themida • Jul 12, 2024
Guloader • Dec 16, 2022
unpacking
Does Entropy Matter? A Pseudoscientific Study! • May 26, 2022
Bumblebee Loader • May 12, 2022
Pandora Ransomware • Mar 19, 2022
HackingTeam Soldier Implant • Jan 27, 2022
vbs
Triage Malware Delivery Chain • Jul 2, 2023
veh
Dumpulator VEH • Jan 15, 2023
vm
VM Reverse Engineering Part 2 - Disassembly • Jan 21, 2024
Introduction To VM Protection - VMZeus • Jan 7, 2024
vmprotect
HackingTeam Soldier Implant • Jan 27, 2022
Night Sky Ransomware • Jan 6, 2022
vmzues
VM Reverse Engineering Part 2 - Disassembly • Jan 21, 2024
Introduction To VM Protection - VMZeus • Jan 7, 2024
wallet
Ledger Live Crypto Wallet Attack • Nov 5, 2023
warzone
WarZone RAT • May 31, 2021
whispergate
WhisperGate Malware • Jan 20, 2022
wiper
Hermetic Wiper Malware • Feb 27, 2022
worm
SoulSearcher Worm • Feb 16, 2023
wsf
OneNote WSF Malware (Emotet) • Mar 19, 2023
x64dbg
Zharkbot Strings • Sep 2, 2024
Python Hunting • Aug 26, 2024
xorstr
XORSTR Generic String Decryption • Jun 25, 2023
xorstringsnet
XORStringsNet • Apr 16, 2023
yara
CryptBot Evolution • Dec 6, 2024
CryptBot • Mar 16, 2023
QvoidStealer • Mar 12, 2023
PikaBot • Feb 26, 2023
SoulSearcher Worm • Feb 16, 2023
Yara Megaprimer • Feb 9, 2023
Icarus Stealer - What is it? • Oct 9, 2022
ISFB / GOZI / RM3 Config Extraction • Oct 6, 2022
Clipboard Hijacker Detection • Sep 18, 2022
SmokeLoader Triage • Aug 25, 2022
Lockbit 3.0 Ransomware Triage • Jul 7, 2022
Matanbuchus Triage Notes • Jun 19, 2022
Diceloader Triage Notes • Jun 16, 2022
Malware Downloader Triage Notes • Jun 12, 2022
zeus
VM Reverse Engineering Part 2 - Disassembly • Jan 21, 2024
Introduction To VM Protection - VMZeus • Jan 7, 2024
zharkbot
Zharkbot Strings • Sep 2, 2024
Zharkbot In A RUST Shell • Jul 7, 2024