Malware Analysis


Digging into BokBot’s Core Module (1)
2019-01-03 - Malspam pushing Lokibot (1)
Spyware Disguises as Android Applications on Google Play (1)
2019-01-02 - Malware from malspam pushing Formbook (1)
Analysis of Neutrino Bot Sample (dated 2018-08-27) (1)
Beware! PDF Attachments Launching Android malware (1)
Beware! Your website might be delivering Emotet malware (1)
State of the Ninja: Episode 12 (1)
New Tool: msoffcrypto-crack.py (1)
Update: format-bytes.py Version 0.0.7 (1)
All Your Torrents Belong To Us (1)
OALabs Rewind 2018 - Reverse Engineering Bloopers (1)
American Express Phishing using encoded html attachment (1)
Java adwind via fake outrigger corp invoice (1)
New Tool: SimpleEncoder (1)
Unpacking Quick Tip: Two Breakpoints to Unpack Hermes Ransomware (1)
Goblin Panda changes the dropper and reused the old infrastructure (1)
Update: numbers-to-string.py Version 0.0.7 (1)
2018-12-27 - malspam pushes Shade (Troldesh) ransomware and other malware (1)
Abusing Mount Points over the SMB Protocol (1)
Update: XORSearch Version 1.11.2 (1)
2018-12-26 - Two pcaps I provided for UA-CTF in November 2018 (1)
New Ransomware possibly criakl version (1)
Let's Learn: Progression of APT28/Sofacy Golang Zebrocy Loader 'Project2.Go': WMIC & Hex Decode (1)
2018-12-19 - Malspam pushing the MyDoom worm is still a thing (1)
2018-12-20 - Quick post: Emotet infection with Gootkit (1)
Let's Learn: In-Depth on APT28/Sofacy Zebrocy Golang Loader (1)
2018-12-20 - Three days of Hancitor infections, today with Smoke Loader (1)
With Mirai Comes Miori: IoT Botnet Delivered via ThinkPHP Remote Code Execution Exploit (1)
2018-12-18 - Traffic analysis exercise - Eggnog soup (1)