Sunday, 24 May 2020

Preloading Linux binaries

Using LD_PRELOAD to exploit/reverse binaries was presented to me in 2006. Below I will show you a very basic use of it on a small example found online. Here we go...

Monday, 18 May 2020

Reading malware - unpacking ASPack 2.12

Today I decided to check some 'new samples available online' and that's how I found the one called "gwzsesxxgq.exe". Below you'll find the details. Here we go...

Sunday, 17 May 2020

Reading malware - DDoS Perl Bot

It's been a while since I read (anything in) Perl ;) so last lazy Sunday I decided to check one of the malware samples available here. Below you will find the details. Here we go...

Saturday, 16 May 2020

Reading malware - 8UsA.sh

The Internet is a special, weird place. Sometimes you can find a unicorn, other times you can find an ELF. Today we'll look around for some new ELF in our world of imagination. Here we go...

Thursday, 30 April 2020

Reading malware - orbitclient.x86

After reading the last cases of malware found online, I decided to check one more. ;) Below you will find a few notes about it. Here we go...

Reading malware - yakuza.x86

After reading SNOOPY I decided to check one more sample available here. This time I found malware called yakuza.x86. Let's try to understand what this code can do. Below are a few notes. Here we go...