#Ida

3 posts

Reconstructing the Puzzle: Automating Malware String and IAT Recovery
April 19, 2026 ·6 min read
Recently, I’ve been working on a malware sample that arrived with almost no static strings and a completely empty Import Table—a clear sign that it’s been obfuscated. String Deobfuscation Looking around the …
#malware-analysis#reverse-engineering#deobfuscation#ida#flare-emu
Analyzing a Cobalt Strike Payload: DLL Hijacking, Alcatraz Obfuscation, and Reflective Loading
December 20, 2025 ·10 min read
This analysis covers a multi-stage attack chain designed for stealth and persistence: starting with a PDF-themed phishing lure that uses DLL sideloading via a legitimate Logitech binary, it employs Alcatraz obfuscation …
#malware-analysis#reverse-engineering#deobfuscation#dll-hijacking#ida
Analyzing a Payload: Sandbox Evasion, EDR Hook Bypassing, and API Recovery
May 13, 2025 ·6 min read
Currently, I am analyzing a malware payload that employs various techniques to evade detection and hinder analysis. 1. Initial Assessment The initial file is unusually large, weighing in at approximately 91MB. Upon …
#malware-analysis#reverse-engineering#sandbox-evasion#edr-bypass#ida