While I have been analyzing malicious documents for some time, I never wrote anything about it and that changes today! We are going to analyze a document I downloaded from MalwareBazaar (Lots of love to them!). It turned out to be an interesting experience involving rtf, ole, shellcode etc. I hope this write-up is useful... Continue Reading →
Venus Stealer python code extraction and analysis.
Cuckoo is an automated malware analysis sandbox tool. The best part is it is opensource and free. The thing about malware analysis is that however good you get there is just too much malware and analysing all of it manually is not practical in all situations, It will consume a lot of your time and... Continue Reading →
Let linux tell you what it thinks about its users.
Learn about IntelMQ a free and Open Source Threat Intelligence Gathering tool.
Look for UART, Determine which Pin does what and connect to it!
Welcome, You can check out the previous article If you haven't already, for more context! If you are like me and would avoid JavaScript at all cost, this article will be better than the previous one. Here we will look at How I found the binary that dropped the .vbe script to its location and... Continue Reading →
Mining Crypto Using a VBE script and headless Chrome/Firefox
My last post on Android App Analysis (Just the Noob Stuff!) really got me interested in Android app structure and internal design. After a lot of time, today I decided to get my hands dirty. Started with a course but soon got bored and moved to making the app right away. Yes, I am Impatient!... Continue Reading →
TLDR: Use updated Crpto implementations and please don't roll your own crypto into production.
Geeky Panda Tales! 