This is a practice lab from Chapter 11 (Malware Behavior) of the book “Practical Malware Analysis” by Michael Sikorski and Andrew Honig. This lab shows a new technique. It Trojanizes wi...
Process Injection Techniques
Identifying process injection by the Windows API calls it makes. Classic DLL injection: it involves injecting a dynamic-link library (DLL) into a target process, allowing the injected code to execute within th...
Essential Keyboard Shortcuts
Useful keyboard shortcuts for reverse-engineering tools. Tools covered: OllyDbg, IDA Pro, Immunity Debugger, WinDbg, x64dbg. OllyDbg Shortcut Function ...
Inline Hook (Lab11-02)
This is a practice lab from Chapter 11 (Malware Behavior) of the book “Practical Malware Analysis” by Michael Sikorski and Andrew Honig. This lab shows a new technique, i.e. inline hook...
GINA Interceptor(Lab 11-01)
This is a practice lab from Chapter 11 (Malware Behavior) of the book “Practical Malware Analysis” by Michael Sikorski and Andrew Honig. This lab shows a new technique, i.e. GINA interc...
Unpacking Bokbot
BokBot, also known as “IcedID”, is a banking trojan that targets users’ financial information, login credentials, and other sensitive data. This trojan is typically delivered via spam emails or phis...
Backdoor(Lab 01-01)
I have been learning from the book Practical Malware Analysis written by Michael Sikorski and Andrew Honig. It's a good book, as there are labs provided at the end of each chapter for practicing you...
Malware Analysis Tools
This post outlines the tools commonly used for analyzing malware samples. Tools discussed below, for static analysis: CFF Explorer, Detect It Easy, Office Malscanner ...
Malware Behavior
Contents: Downloader, Launcher, Backdoor, Reverse Shell, Windows Reverse Shell, RAT, Botnet, Credential Stealer. Various types of malware exhibit different behaviors on target devices. By ...
Malware Static Analysis
Contents: Malware Analysis, Types of Malware Analysis, Antivirus Scanning, Hashing, String Analysis, Detecting Packers, PE File Format, Linked Libraries and Functions, Resource Section, Wh...