Posts

• Emulating inline decryption for triaging C++ malware May 16
• Understanding API Hashing and build a rainbow table for LummaStealer Mar 24
• Understanding PEB and LDR Structures using IDA and LummaStealer Feb 4

• Applied Emulation - Decrypting Ursnif strings with Unicorn Dec 20
• Applied Emulation - Analysis of MarsStealer Nov 15
• Vidar - payload inspection with static analysis Oct 25
• Agent Tesla - Building an effective decryptor Aug 29
• IDA-Python - Locate a function independently from its offset Jun 27
• Extracting DDosia targets from process memory May 8
• Dynamic Binary Instrumentation for Malware Analysis Mar 14