Unpacking and decompiling PyInstaller python executables
There are plenty of tutorials out there on how to do this process, I’m just writing it here for my own reference so I can come to a single…
Nov 24, 2021

Dharma/CrySYS payload analysis. Part I
Hash: ceeaf45fbb91df67d5b9f1ca1905301ce63314152fb50ed7c6c31365d06ec86d
Jul 31, 2021

Static code analysis of WastedLocker. Part 2: anti-analysis tricks
Continuing with the sample of WastedLocker apparently involved in the recent Garmin attack (July 2020), now we are looking at some tricks…
Jul 31, 2021

Garmin WastedLocker static code analysis. Part I: unpack
Today we’re reverse-engineering a sample of the WastedLocker malware, apparently used in the recent Garmin attack (July 2020). This malware…
Jul 31, 2021

njRAT injector code analysis
Today we are analyzing an injector generated by the njRAT malware. This injector is often referred to as Bladabindi by AV engines. These…
Jul 23, 2020