Outer Web | Explore

Explore >> Select a destination

You are here		www.redblue.team red\|blue: A Soft-ish Introduction to Malware Analysis for Incident Responders
\|	\|	volatilityfoundation.org The Volatility Blog - Volatility Forensic Memory Framework	4.0 parsecs away Travel
\|	\|	The Volatility Blog offers ongoing information to support the Volatility Foundation's open-source memory forensics framework.	4.0 parsecs away Travel
\|	\|	blog.dingusxmcgee.com Fake Software Abusing Real Software For Fun And Profit - Part 2!? \| Malware Analysis with Dingus	3.4 parsecs away Travel
\|	\|	Picking up where we left off, from Part 1.	3.4 parsecs away Travel
\|	\|	x0rb3l.github.io Windows PE Malware Analysis Part I - Cybersecurity Blog	4.0 parsecs away Travel
\|	\|	IntroductionIn this article I will be examining a Windows executable malware specimen. Based on a couple reports from automated malware sandboxes, the specimen drops multiple files to disk and calls out to multiple domains and IP addresses.The purpose of this article is to give readers a look into malware reverse engineering using static analysis, behavioral analysis, and code analysis. This is Part 1 of several more articles to come.The specimen in question is a Windows PE (Portable Executable) named setup.exe. You can find it's hashes below.MD5: d1b2c8ddca2f8dd02e2c132153055084SHA-1: 21c011ac7406eef048c175f5887e4eb885c050d6SHA256: 506c2f513d64242fcb20ccff8c26c0ed1755fe9120b984c29ba224b311d635c3I pulled this malware from Any.Run which contains nearly 75,000...	4.0 parsecs away Travel
\|	\|	www.welivesecurity.com Bandidos at large: A spying campaign in Latin America	22.3 parsecs away Travel
\|		ESET researchers uncover an active malicious campaign in Latin America that uses new versions of old malware, Bandook, to spy on its victims.	22.3 parsecs away Travel