Posts by Category
IcedID gziploader analysis (Part 1)
IcedID, also known as BokBot, was one of the most active malware families and has been known for loading diffe...
HermeticWiper/FoxBlade Analysis (in-depth)
The malware targeting Ukrainian infrastructure (especially Windows devices) has since been observed in the neigh...
Playing with AsyncRAT
AsyncRAT is a Remote Access Tool (RAT) designed to remotely monitor and control other computers.
Deep Analysis of Vidar Information Stealer
Vidar (forked from the Arkei info stealer) is a very popular info stealer written in C++...
Digging into memory
I'm solving a memory forensics challenge from the Defcon DFIR CTF 2019 with the Volatility 2 framework.