Blog Archive

RATs

• March 2024 - Quasar RAT - PowerShell Deobfuscation - Config Reversing
• February 2024 - XWorm - Batch Deobfuscation - .NET Loader
• November 2023 - NJRat Injection From Malicious Document
• November 2023 - Reversing ASync RAT Downloaders / Configs

Trojans

• November 2023 - Trickbot Banking Trojan - Dynamic Analysis

Analysis-Evasion

• November 2023 - Overcoming Malware Analysis Evasion - Binary Patching

InfoStealer

• March 2024 - Deobfuscating A RedLine Stealer Downloader
• January 2024 - Agent Tesla Malware Analysis - JavaScript to Telegram C2
• January 2024 - Phishing for InfoStealers - Deobfuscating PowerShell and Reversing a .NET Binary

Shellcode

• January 2024 - All Things Shellcode - Meterpreter, Cobalt Strike

ClipBanker

• January 2024 - MultiStage ClipBanker - JavaScript to Injection

CTF

• November 2024 - Huntress CTF 2024 Writeups