|
You are here |
blog.dingusxmcgee.com | ||
| | | | |
www.redblue.team
|
|
| | | | | There's certainly no shortage of malware in Ukraine right now! One of my resolutions for the New Year is to spend more time conducting ... | |
| | | | |
x0rb3l.github.io
|
|
| | | | | IntroductionIn this article I will be examining a Windows executable malware specimen. Based on a couple reports from automated malware sandboxes, the specimen drops multiple files to disk and calls out to multiple domains and IP addresses.The purpose of this article is to give readers a look into malware reverse engineering using static analysis, behavioral analysis, and code analysis. This is Part 1 of several more articles to come.The specimen in question is a Windows PE (Portable Executable) named setup.exe. You can find it's hashes below.MD5: d1b2c8ddca2f8dd02e2c132153055084SHA-1: 21c011ac7406eef048c175f5887e4eb885c050d6SHA256: 506c2f513d64242fcb20ccff8c26c0ed1755fe9120b984c29ba224b311d635c3I pulled this malware from Any.Run which contains nearly 75,000... | |
| | | | |
www.malwaretech.com
|
|
| | | | | One of the most common questions I'm asked is "what programming language(s) should I learn to get into malware analysis/reverse engineering", to answer this question I'm going to write about the top 3 languages which I've personally found most useful. I'll focus on native malware (malware which does not require a framework such as Java, Python, or .NET to run), as this is the most common type and understanding it it will provide you the skills required to pivot into other kinds. In this article I won't b... | |
| | | | |
plasma-umass.org
|
|
| | | Demo of the Doppio Runtime System. Contribute to plasma-umass/doppio-demo development by creating an account on GitHub. | ||