Author Archives: MalwareAnalysisForHedgehogs

Malware Analysis – Process Hollowing

April 14th, 2017

We unpack a Dridex sample that uses process hollowing for memory execution.

Follow me on Twitter: @struppigel
Sample: https://www.hybrid-analysis.com/sample/e30b76f9454a5fd3d11b5792ff93e56c52bf5dfba6ab375c3b96e17af562f5fc?environmentId=100
Dridex

Malware Analysis – Macro Malware Analysis

August 19th, 2016

Macro extraction and deobfuscation using oletools and MS Excel.

Follow me on Twitter: https://twitter.com/struppigel
oletools: https://www.decalage.info/python/oletools
Sample1: 4ad0b509b232dc0fc1704552de614849f1ddc63dbd5c9f3cf9fc2490c6abcba8
Sample2: 9887f1e95b4e11825941bd207400d1cc1580a7d438969f6c8d8c656551d339e2