Published in FAUN — Developer Community 🐾
Hello Python! : A short introduction.
Python is a high-level, interpreted, general-purpose programming language. Its design philosophy emphasizes code readability with the use…
May 14, 2022

Published in System Weakness
Network Forensics: PCAP Analysis of a cyber attack.
Executive Summary: This report is prepared for the client as part of the investigations regarding a cyber attack.
May 10, 2022

Published in System Weakness
Static code analysis of .xlsm Emotet sample.
Demo for the analysis is on my YouTube.
Feb 23, 2022

Published in FAUN — Developer Community 🐾
Static code analysis of Clownic Ransomware using dnSpy.
Today, I performed a static code analysis on a sample of Clownic Ransomware, obtained from vx-underground, the program was developed in C#…
Feb 21, 2022

Static code analysis of CobaltStrike HTA malware sample
Cobalt Strike is a commercial, full-featured, remote access tool that bills itself as “adversary simulation software designed to execute…
Feb 18, 2022

Published in FAUN — Developer Community 🐾
Static code analysis of an Emotet malware sample
Today, I decided to pick a random file from the Emotet family on vx-underground repo.
Feb 16, 2022

Valentine FLAMES!
This will definitely bring back some childhood memories for some!
Feb 14, 2022

Published in FAUN — Developer Community 🐾
Static code analysis of Trickbot + Emotet .xlsm payload using OfficeMalScanner and VSCode.
15 November 2021 saw the return of Emotet. Check Point Research (CPR) observed that the Emotet botnet started to re-emerge with Trickbot…
Feb 13, 2022

Published in FAUN — Developer Community 🐾
Methodology for Malware Static Analysis (2): MS documents (.doc/xls/ppt) and PDF files
This is the part two (2) of my Methodology for malware analysis series, in part one (1), I discussed the static analysis of PE files.
Feb 12, 2022

Published in System Weakness
Static analysis of Rana’s (APT39) VBS malware sample.
The FBI identified several malicious VBS scripts used by Rana (APT39). The VBS malware was embedded in Microsoft Office documents. Once…
Feb 10, 2022