m4n0w4r
[QuickNote] Retrieve unknown python stealer from PyInstaller
While participating in a Discord community, I noticed a member made the following offer of assistance
m4n0w4r
Aug 10
[QuickNote] DarkGate — Make AutoIt Great Again
In the first quarter of 2024, @AvastThreatLabs observed a DarkGate campaign distributed via malicious PDF files…
m4n0w4r
Jun 6
[QuickNote] Qakbot 5.0 — Decrypt strings and configuration
In this new sample, the threat actor has updated Qakbot’s codebase to support 64-bit versions of Windows.
m4n0w4r
Apr 23
[QuickNote] Phishing email distributes WarZone RAT via DBatLoader
Below is an illustrated summary of how a WarZone RAT sample infects the victim system via DBatLoader
m4n0w4r
Apr 9
[QuickNote] Technical Analysis of recent Pikabot Core Module
1. Overview
m4n0w4r
Jan 6
[Case study] Decrypt strings using Dumpulator
I received a suspicious DLL that needs to be analyzed. This DLL is packed. After unpacking it and throwing the DLL into IDA, IDA…
m4n0w4r
May 22, 2023
A Deep Dive into Zloader — the Silent Night
As part of my work at Vincss, I wrote an article about Zloader — “[RE026] A Deep Dive into Zloader — the Silent Night”.
m4n0w4r
Apr 25, 2022