#Deobfuscation
3 posts
Reconstructing the Puzzle: Automating Malware String and IAT Recovery
Recently, I’ve been working on a malware sample that arrived with almost no static strings and a completely empty Import Table—a clear sign that it’s been obfuscated. [String Deobfuscation] Looking around the …
Analyzing a Cobalt Strike Payload: DLL Hijacking, Alcatraz Obfuscation, and Reflective Loading
This analysis covers a multi-stage attack chain designed for stealth and persistence: starting with a PDF-themed phishing lure that uses DLL sideloading via a legitimate Logitech binary, it employs Alcatraz obfuscation …
Devirtualizing Tigress Challenge 0 with Triton
[Virtualization Obfuscation] Virtualization obfuscation is designed to make static analysis boring, noisy, and slow. Instead of compiling logic directly into normal machine code, an obfuscator translates it into bytecode …