MalwareAnalysisForHedgehogs
I am Principal Malware Researcher at G DATA CyberDefense AG and have been reversing malware professionally since 2015.
Throw your bat cape over your spikes and get started with malware analysis and reverse engineering.
Malware Analysis - Bypassing ConfuserEx anti-analysis with hooking
Malware Analysis - Malicious NordVPN setup, example for beginners
Malware Theory - What breakpoints to set for unpacking
Analysis Verdicts: There is more than Clean and Malicious
Malware Analysis - Virut's file infection, part 3
Malware Analysis - Virut's NTDLL Hooking and Process Infection, Part 2
Malware Analysis - Virut, Unpacking a Polymorphic File Infector, Part I
Malware Analysis - Unpacking Lumma Stealer from Emmenhtal and Pure Crypter
Malware Analysis - Binary Refinery URL extraction of Multi-Layered PoshLoader for LummaStealer
Antivirus myths and how AVs actually work
Malware Analysis - Writing Code Signatures
Malware Analysis - Writing x64dbg unpacking scripts
Malware Analysis - ConfuserEx 2 deobfuscation with Python and dnlib, BBTok loader
Writing an unpacker for a 3-stage stub with emulation via speakeasy
IDA vs Binary Ninja vs Ghidra after 1.5 years using them
The real reason antivirus software detects cracks
Malware Analysis - D3f@ck loader from Inno Setup to JPHP
Malware Simulators cannot test Antivirus Software
Triaging Files on VirusTotal
Malware Analysis - From JS to PowerShell and XWorm with Binary Refinery
Malware Theory - Five Unpacking Methods and a Generic Unpacking Approach
Binary Ninja - Fix unresolved stack pointer
Malware Analysis - Unpacking AutoIt stub with large obfuscated script
Malware Analysis - C2 extractor for Turla's Kopiluwak using Binary Refinery
Malware Analysis - 3 ways to deobfuscate JScript and JavaScript malware
Malware Analysis - .NETReactor deobfuscation and AgentTesla config extraction
Malware Analysis - ZPAQ to .NET downloader to Injector DLL unpacking
Hiding .NET IL code from DnSpy with R2R Stomping
Reversing - .NET main is not the first thing executed
Malware Analysis Course for Hedgehogs is out