Solutions Overview

Solution Search

Solution	Author	SHA256	Difficulty	Tags	Likes	Posted
Extractor for custom PyInstaller executables as seen in PDFly or PDFClick	struppigel	`8c9d9150efa35278afcb23f2af4c4babcc4dd55acd9e839bed4c04cb5a8d9c3f`	advanced	packed custom wrapper evilai pdf converter pyinstaller		01 Feb 2026
The Wolf in AutoIt’s Clothing - How Vidar Hides in Plain Sight	para0x0dise	`eee8a68511bd00ff98425cf9e9bd12873a5e742548fe7e2b72add7ff8dbabb24`	advanced	packed autoit cypherit		31 Jan 2026
Malicious .docx Analysis	ge0lev	`29325e23a684f782db14a1bf0dc56c65228e666d1f561808413a735000de3515`	easy	loader msoffice external template openxml		26 Jan 2026
Malicious MS Office Files Without Macros	struppigel	`29325e23a684f782db14a1bf0dc56c65228e666d1f561808413a735000de3515`	easy	loader msoffice external template openxml		25 Jan 2026
Malicious MS Office Files Without Macros	struppigel	`56f5623daa470bee190ae0ecd961be8e6df71c8da1ccf7b268fe876b84c183d9`	easy	loader msoffice openxml vsto add-in		25 Jan 2026
Malicious .docx Analysis	ge0lev	`56f5623daa470bee190ae0ecd961be8e6df71c8da1ccf7b268fe876b84c183d9`	easy	loader msoffice openxml vsto add-in		24 Jan 2026
Finding the next stage in a Word Document abusing VSTO functionality	0xdeluks	`56f5623daa470bee190ae0ecd961be8e6df71c8da1ccf7b268fe876b84c183d9`	easy	loader msoffice openxml vsto add-in		20 Jan 2026
[Samplepedia Solution] Unveiling the Layers: Analyzing a Multi-Stage APT-Style Loader	m4n0w4r	`5544e6c66cbf6503cddef2797acbff4fb81ededaef2334a596e6484cfaa0b8e8`	medium	dll sideloading packed shellcode		19 Jan 2026
Use Babel to Deobfuscate JavaScript Malware	larsborn	`1bc77b013c83b5b075c3d3c403da330178477843fc2d8326d90e495a61fbb01f`	advanced	js obfuscated ast control flow gootloader		18 Jan 2026
Solution Jot Notes (rough, will pretty-up later)	nanoamano	`55901c2d5489d6ac5a0671971d29a31f4cdfa2e03d56e18c1585d78547a26396`	easy	string deobfuscation .net rat almondrat		16 Jan 2026
Programmatically NOP the Current Selection in Ghidra	larsborn	`0b38ca277bbb042d43bd1f17c4e424e167020883526eb2527ba929b2f0990a8f`	easy	obfuscation		13 Jan 2026
API Hashing in the Zloader malware	larsborn	`4029f9fcba1c53d86f2c59f07d5657930bd5ee64cca4c5929cbd3142484e815a`	medium	string deobfuscation		13 Jan 2026
String Obfuscation in the Hamweq IRC-bot	larsborn	`4eb33ce768def8f7db79ef935aabf1c712f78974237e96889e1be3ced0d7e619`	easy	string deobfuscation		13 Jan 2026
Zloader String Obfuscation	larsborn	`4029f9fcba1c53d86f2c59f07d5657930bd5ee64cca4c5929cbd3142484e815a`	medium	string deobfuscation		13 Jan 2026
Use Ghidra to decrypt strings of KpotStealer malware	larsborn	`67f8302a2fd28d15f62d6d20d748bfe350334e5353cbdef112bd1f8231b5599d`	medium	string deobfuscation		13 Jan 2026
JPHP Malware Analysis - "Soft-Activator"	xusheng	`e7cf02ad880e8ebb37134c5370189bd2620ce1bf60794aa8776db6ccc4d4f0f7`	medium	loader d3f@ck jphp jvm stage 2		10 Jan 2026
Malware Analysis: Batch2Exe Fake Ransomware/Screenlocker	xusheng	`482a8b7ead1e07ac728e1e2b9bcf90a26af9b98b15969a3786834d6e81d393cd`	easy	batch2exe screenlocker		09 Jan 2026

Page 1 of 3

»