Malware Analysis Journey

One of the common techniques during malware analysis is to identify interesting API calls and understanding how the malware uses them. While analyzing a sample [1], I came across the following function calls embedded as strings. [Read More]

For this blogpost, I will be deviating from my usual topic of malware analysis and talking about how an improper access control on a bank’s server lead to exposure of its customers’ credit reports. [Read More]

We will be creating an isolated LAN for analyzing malware. I’m using VMware® Workstation 16 Pro which allows me to snapshot virtual machine state and revert as necessary. The basic setup will have a Windows Workstation based on Flare VM [1] and a Linux Workstation based on REMnux [2]. Both... [Read More]

Continuing my original post on Unpacking UPX, this post will be a deep dive analysis on the unpacked sample and its capabilities. [Read More]

Malicious Office Documents or Maldocs provide an effective way for adversaries to drop malicious files on a host. In most corporate environments which uses Microsoft Exchange, “transport rules” [1] will be configured to prevent emails with executables (.exe). Moreover, executables as attachments raises the users’ suspicion and is less likely... [Read More]