Shimasakisan
Unpacking and decompiling PyInstaller python executables
There are plenty of tutorials out there on how to do this process, I’m just writing it here for my own reference so I can come to a single…
Nov 24, 2021

Shimasakisan
Dharma/CrySYS payload analysis. Part I
Hash: ceeaf45fbb91df67d5b9f1ca1905301ce63314152fb50ed7c6c31365d06ec86d
Jul 31, 2021

Shimasakisan
Static code analysis of WastedLocker. Part 2: anti-analysis tricks
Continuing with the sample of WastedLocker apparently involved in the recent Garmin attack (July 2020), now we are looking at some tricks…
Jul 31, 2021

Shimasakisan
Garmin WastedLocker static code analysis. Part I: unpack
Today we’re reverse-engineering a sample of the WastedLocker malware, apparently used in the recent Garmin attack (July 2020). This malware…
Jul 31, 2021

Shimasakisan
njRAT injector code analysis
Today we are analyzing an injector generated by the njRAT malware. This injector is often referred to as Bladabindi by AV engines. These…
Jul 23, 2020