Malware Analysis

Update: Version 0.0.42 (1)
From Fileless Techniques to Using Steganography: Examining Powload’s Evolution (1)
Windows Object Case Sensitivity - Extended Edition (1)
Fake Bitcoin investment scam delivers malware (1)
PE Compilation Timestamps vs. forensics (1)
Infor Stealer Vidar TrojanSpy Analysis (1)
Cuckoo SandBox on AWS (1)
NtCrypt and 1DayCrypt – Same shit, same asshole (1)
Update: Version 0.0.13 (1)
Some interesting notes on Revcode (1)
Libsodium sealed boxes: multiple (32) working secret keys for one public key (1)
Fake Paychex Tax verification documents delivers Trickbot (1)
New SLUB Backdoor Uses GitHub, Communicates via Slack (1)
Analyzing a Phishing PDF with /ObjStm (1)
DE-Cr1pt0r tool - The Cr1pt0r ransomware decompiled decryption routine (1)
Fake Dun & Bradstreet Company Complaint delivers Trickbot (1)
Spotlight on Troldesh ransomware, aka ‘Shade’ (1)
UPnP-enabled Connected Devices in the Home and Unpatched Known Vulnerabilities (1)
Fake HSBC payment details delivers Agent Tesla (1)
Quick Analysis of a Trickbot Sample with NSA's Ghidra SRE Framework (1)
Update: Version 0.7.1 (1)
Exposed IoT Automation Servers and Cybercrime (1)
Yet another attempted Hawkeye delivery that fails (1)
Cr1pt0r Ransomware Analysis Libsodium/NaCl Encryption, Decryption, paramenters and (sad) conclusions (1)
Fileless Banking Trojan Targeting Brazilian Banks Downloads Possible Botnet Capability, Info Stealers (1)
Linux Bomb Walkthrough – Part3 (Phases 4-6) (1)
Fake ADP Tax Billing Records delivers Trickbot (1)
Cr1pt0r ransomware: FireEye FLARE script to build your IDA Pro FLIRT signatures (1)
$100,000/year if you can solve this reverse engineering test (1)
REDasm is an interactive, multiarchitecture disassembler (1)