Malware Analysis

IcedID gziploader analysis (Part1)

IcedID , also known as BokBot, was among one of the most active malware families and has been known for loading diffe...

17 Mar 2022

5 minute read

The malware which targeting Ukrainian infrastructure (Specially windows devices) has since been observed in the neigh...

04 Mar 2022

4 minute read

AsyncRAT is a Remote Access Tool (RAT) designed to remotely monitor and control other computers

16 Feb 2022

6 minute read

Vidar (forked from Arkei info stealer) is very popular info stealer written in C++...

06 Feb 2022

17 minute read

Back to top ↑

I’m solving memory forensics challenge with volatility2 framework from Defcon DFIR CTF 2019

17 Feb 2022

4 minute read

Back to top ↑

Exploits the DNS protocol to bypass security controls, enabling data exfiltration, C2 communication.

24 Feb 2025

6 minute read

Back to top ↑