Tag: Reverse Engineering

Forging malicious DOC, undetected by all VirusTotal static engines

Static engines have become a standard in automated detection for large enterprises thanks to their accurate and quick detection. Looking at detection of email attacks on enterprise organizations, these make up 91% of all cyber attack attempts. If an attacker can find a way to infiltrate the organization's defenses, the organization will become compromised the potential…


Fusion – Level 06 solution

Following my previous blog post (Fusion level 05 solution), I continued my nightly quest for fun and solved the next challenge as well. As I try to keep my content unique and original, this blog post was mostly created because, as of today, there was no solution for this challenge on…


Fusion – Level 05 solution

exploit-exercises.com provides a variety of virtual machines, documentation and challenges that can be used to learn about a variety of computer security issues such as privilege escalation, vulnerability analysis, exploit development, debugging, reverse engineering, and general cyber security issues. The exercise discussed in this blog post can be found here: https://exploit-exercises.com/fusion/level05/ I am writing…


Nymaim Malware: Deep Technical Dive – Adventures in Evasive Malware

Nymaim is mostly known worldwide as a downloader, although it seems to have evolved from earlier versions and now has new functionality to obtain data from the machine without needing to download a new payload. Some of the exported functions allow harvesting passwords and browser data from the machine, hidden on the file system until communication…


Ursnif Malware: Deep Technical Dive

In this blog post I explain some of the core methods an attack tool named Ursnif uses, and also mention some, probably unintentional, pieces of code that were left behind in the production version of the malware…