PE header
Context Information related to the PE header I collected here and there. My favorite resources on the subject, however, are Goppit and Iczelion’s tutorials (both available on tuts4you), but it’s j...
This page centralizes the current status of my writeups about samples from the book Practical Malware Analysis. Some of them are quite lengthy because I can’t help myself when it comes to going down t...
Overview Filename Size MD5 Lab09-02.exe 24 KB 251f4d0caf6eadae453488f9c9c0ea95 TL;DR: The malware has to be renamed ocl.exe i...
Overview Filename Size MD5 Lab06-04.exe 40 KB 21be74dfafdacaaab1c8d836e2186a69 TL;DR: A malware requesting commands from an H...
Overview Filename Size MD5 Lab03-04.exe 60 KB b94af4a4d4af6eac81fc135abda1c40c TL;DR: A shy (or oversensitive) malware that d...
Overview Filename Size MD5 Lab03-03.exe 53 KB e2bf42217a67e46433da8b6f4507219e TL;DR: An executable embedding a keylogger in ...
Overview Filename Size MD5 Lab03-02.dll 23 KB 84882c9d43e23d63b82004fae74ebb61 TL;DR: A malicious service DLL downloading a b...
Overview Filename Size MD5 Lab03-01.exe 07 KB d537acb8f56a1ce206bc35cf8ff959c0 TL;DR: A malware implementing a little bit of ...
Overview Filename Size MD5 Lab01-04.exe 37 KB 625ac05fd47adc3c63700c3b30de79ab TL;DR: A malware installing a fake Windows Upd...
Overview Filename Size MD5 Lab01-03.exe 05 KB 9c5c27494c28ed0b14853b346b113145 TL;DR: A packed binary that uses the COM libra...