Shimasakisan | Unpacking and decompiling PyInstaller python executables | There are plenty of tutorials out there on how to do this process, I’m just writing it here for my own reference so I can come to a single… | 1 min read · Nov 24, 2021
Shimasakisan | Dharma/CrySYS payload analysis. Part I | Hash: ceeaf45fbb91df67d5b9f1ca1905301ce63314152fb50ed7c6c31365d06ec86d | 4 min read · Jul 31, 2021
Shimasakisan | Static code analysis of WastedLocker. Part 2: anti-analysis tricks | Continuing with the sample of WastedLocker apparently involved in the recent Garmin attack (July 2020), now we are looking at some tricks… | 2 min read · Jul 31, 2021
Shimasakisan | Garmin WastedLocker static code analysis. Part I: unpack | Today we’re reverse-engineering a sample of the WastedLocker malware, apparently used in the recent Garmin attack (July 2020). This malware… | 2 min read · Jul 31, 2021
Shimasakisan | njRAT injector code analysis | Today we are analyzing an injector generated by the njRAT malware. This injector is often referred to as Bladabindi by AV engines. These… | 5 min read · Jul 23, 2020