Explore >> Select a destination
|
You are here 
|
www.redblue.team | ||
| | | | |
volatilityfoundation.org
|
|
| | | | | The Volatility Blog offers ongoing information to support the Volatility Foundation's open-source memory forensics framework. | |
| | | | |
x0rb3l.github.io
|
|
| | | | | IntroductionIn this article I will be examining a Windows executable malware specimen. Based on a couple reports from automated malware sandboxes, the specimen drops multiple files to disk and calls out to multiple domains and IP addresses.The purpose of this article is to give readers a look into malware reverse engineering using static analysis, behavioral analysis, and code analysis. This is Part 1 of several more articles to come.The specimen in question is a Windows PE (Portable Executable) named setup.exe. You can find it's hashes below.MD5: d1b2c8ddca2f8dd02e2c132153055084SHA-1: 21c011ac7406eef048c175f5887e4eb885c050d6SHA256: 506c2f513d64242fcb20ccff8c26c0ed1755fe9120b984c29ba224b311d635c3I pulled this malware from Any.Run which contains nearly 75,000... | |
| | | | |
toddcullumresearch.com
|
|
| | | | | Purpose of this page This is a continuously updated page and it is never finished! I decided to go ahead and cover the tools I typically use for analyzing malware because although Ive found lists elsewhere, Ive found no real big collection with explanation and/or any type of discussion of these tools. Its generally more... Read More | |
| | | | |
laihoconsulting.com
|
|
| | | Website and personal blog of Pekka Laiho, software engineer and financial enthusiast. | ||
