09474277051fc387a9b43f7f08a9bf4f6817c24768719b21f9f7163d9c5c8f74
|
struppigel
|
advanced
|
|
PyInstxtractor does not work here. Extract and decrypt all the python code, including the plain "PYZ" archive contents.
|
1
|
|
0
|
01 Feb 2026
|
1bc77b013c83b5b075c3d3c403da330178477843fc2d8326d90e495a61fbb01f
|
struppigel
|
advanced
|
|
Create a static C2 extractor that uses abstract syntax tree transformations with Babel. You can use astexplorer.net as helper tool.
|
1
|
|
0
|
13 Jan 2026
|
277089cb78a9c493cecd8f5fbe70df0577d4f9557fb8b55ff5f7c2505308ca3a
|
malcat
|
advanced
|
|
Extract the final Dridex downloader payload using static analysis.
|
1
|
|
0
|
04 Jan 2026
|
3045902d7104e67ca88ca54360d9ef5bfe5bec8b575580bc28205ca67eeba96d
|
malcat
|
advanced
|
|
Extract the next stage payload with static analysis.
|
1
|
|
0
|
04 Jan 2026
|
096607aa89ea6f17e5a815a67b94bc245ecbf18a87705e1dec2f1d85f8350e32
|
struppigel
|
advanced
|
|
Unpack the virus body of Virut and find the file infection code, figure out:
* Which file extensions does it target for infection and what other conditions must be true, e.g., values in the PE headers?
* What is the infect marker?
|
3
|
|
0
|
28 Dec 2025
|
eee8a68511bd00ff98425cf9e9bd12873a5e742548fe7e2b72add7ff8dbabb24
|
struppigel
|
advanced
|
|
Unpack the payload and obtain the C2, bonus points for deobfuscating the AutoIt script
|
1
|
|
0
|
26 Dec 2025
|
0d7e7c6c1e02f7e5e5d0bf8f191e9d50636e71cabc2b4883d112b0f04da3d9f0
|
struppigel
|
advanced
|
|
Write a script or program that deobfuscates the strings and patches the assembly with the deobfuscated strings
|
1
|
|
0
|
26 Dec 2025
|