Cry Me A River oh DearCry
Overview of new DearCry ransomware and some artifacts from reverse engineering a couple DearCry samples.
Read More
New Kid on The Block
A brief history and overview of ransomware leading up to the newest addition to the ransomware family in early 2021, known as Babuk.
Read More
The Power of AMSI Tracing
A walk through of how to leverage the Windows OS AMSI Tracing feature to quickly and easily retrieve heavily obfuscated code from maldocs to find IOC's.
Read More
Word DDE Malware
Microsoft Word supports a legacy feature called DDE or "Dynamic Data Exchange" that provides an interface which can be used to launch new processes and download content. Not exactly what it was originally intended for, but a handy feature for malware authors.
Read More
A Malware Firehose
As an aspiring Malware Researcher it is important to have a good source of samples to learn from and analyze. If you're looking for a modern, clean approch to malware feeds then I suggest perhaps checking out VirusSamples.com.
Read More
Understand Shellcode with CyberChef
Add two parts cyber and one part input to produce a delicious recipe. All joking aside, [CyberChef](https://gchq.github.io/CyberChef/) is a pretty sweet tool that anyone in the cybersecurity community would likely find useful. It really is the entire kitchen sink with over 300 unique operations which can be combined in different ways to help analyze input data. Read on to learn more about using CyberChef.
Read More