This repository is intended to provide access to a wide variety of malicious files and other artifacts. All of the samples are in a password protected ZIP archive using a password of: infected

Malware Analysis Exercises

In addition to providing artifacts from samples, I will regularly post malware analysis exercises. These exercises will cover a wide range of malware analysis topics and come with detailed solutions and walk-throughs.

December: Maldocs - Living Off The Land with PowerShell.
August: JavaScript - Deobfuscating a Turla JS Backdoor.
February: Maldocs - Getting Started with Excel 4 Macros (XLM Macros).
December: Maldocs - Automating Download URL Extraction with Python.
October: Tracing Shellcode Execution from VBA Macros.

PCAP files that exhibit specific network activity, to help with analysis, rule writing or whatever comes your way! Relevant capture filters are applied to help limit the scope of what is in the PCAP file.

YouTube: Getting Started with dnSpyEx - Unraveling a .NET Downloader and an Open Directory - Unraveling the Encrypted Payload That Leads to CryptBot
YouTube Video: The Basics of Overlays in PE Files w/ DCRat.
YouTube Video Series: Getting Started with Detect-It-Easy, Identifying Signs of Packing, Unpacking Vidar Stealer with Time-Travel Debugging.
YouTube Video: OneNote Malware - Tips and Tricks for Investigating OneNote Malware Used to Deliver AsyncRAT.
YouTube Video Series: Investigating NullMixer - Identifying Packing Techniques, Identifying and Unraveling ASPack, and Investigating Network Traffic with Suricata and Evebox.
YouTube Video: OneNote Malware Trends - Investigating Script Execution that Leads to QuakBot.

Maldoc Templates - TrickBot, Dridex, AsyncRAT, SnakeKeylogger, QuasarRAT, RemcosRAT, SilentBuilder, Quakbot, AveMariaRAT, NONE, Heodo, BitRAT, BazaLoader.
Maldoc Templates - NONE, SnakeKeylogger, QuasarRAT, Quakbot, IcedID.
Maldoc Templates - QuasarRAT, SnakeKeylogger, NONE, Formbook, Loki, AveMariaRAT, AsyncRAT, SilentBuilder, GuLoader, Heodo.
Maldoc Templates - SilentBuilder, Heodo, Quakbot, NanoCore, NONE, Loki.
Maldoc Templates - OskiStealer, RemcosRAT, Loki, NONE, NanoCore, Quakbot, SnakeKeylogger, Formbook, Heodo.
Maldoc Templates - Heodo, Formbook, AgentTesla, Loki, NanoCore, NONE, Quakbot.
Maldoc Templates - Heodo, AgentTesla, NanoCore, Loki, SilentBuilder, Hancitor, NONE, Quakbot.