#Malware-Analysis

4 posts

Reconstructing the Puzzle: Automating Malware String and IAT Recovery
April 19, 2026 ·6 min read
Recently, I’ve been working on a malware sample that arrived with almost no static strings and a completely empty Import Table—a clear sign that it’s been obfuscated. String Deobfuscation Looking around the …
#malware-analysis#reverse-engineering#deobfuscation#ida#flare-emu
Lại Thêm Một Vụ Mất Tiền Do Lừa Đảo Tải App Dịch Vụ Công
February 1, 2026 ·6 min read
Gần đây, khi lướt Facebook, tôi thấy có bài cảnh báo về việc kẻ gian dụ nạn nhân cài ứng dụng chứa mã độc để chiếm đoạt tiền trong tài khoản ngân hàng. Chi tiết tại bài viết trên Facebook. Thủ đoạn này không mới nhưng …
#malware-analysis#reverse-engineering#android#phishing
Analyzing a Cobalt Strike Payload: DLL Hijacking, Alcatraz Obfuscation, and Reflective Loading
December 20, 2025 ·10 min read
This analysis covers a multi-stage attack chain designed for stealth and persistence: starting with a PDF-themed phishing lure that uses DLL sideloading via a legitimate Logitech binary, it employs Alcatraz obfuscation …
#malware-analysis#reverse-engineering#deobfuscation#dll-hijacking#ida
Analyzing a Payload: Sandbox Evasion, EDR Hook Bypassing, and API Recovery
May 13, 2025 ·6 min read
Currently, I am analyzing a malware payload that employs various techniques to evade detection and hinder analysis. 1. Initial Assessment The initial file is unusually large, weighing in at approximately 91MB. Upon …
#malware-analysis#reverse-engineering#sandbox-evasion#edr-bypass#ida