Solutions Overview

Solution Search

Clear

Solution	Author	SHA256	Difficulty	Tags	Likes	Posted
Malicious .docx Analysis	ge0lev	`29325e23a684f782db14a1bf0dc56c65228e666d1f561808413a735000de3515`	easy	loader msoffice external template openxml		26 Jan 2026
Malicious MS Office Files Without Macros	struppigel	`29325e23a684f782db14a1bf0dc56c65228e666d1f561808413a735000de3515`	easy	loader msoffice external template openxml		25 Jan 2026
Malicious MS Office Files Without Macros	struppigel	`56f5623daa470bee190ae0ecd961be8e6df71c8da1ccf7b268fe876b84c183d9`	easy	loader msoffice openxml vsto add-in		25 Jan 2026
Malicious .docx Analysis	ge0lev	`56f5623daa470bee190ae0ecd961be8e6df71c8da1ccf7b268fe876b84c183d9`	easy	loader msoffice openxml vsto add-in		24 Jan 2026
Finding the next stage in a Word Document abusing VSTO functionality	0xdeluks	`56f5623daa470bee190ae0ecd961be8e6df71c8da1ccf7b268fe876b84c183d9`	easy	loader msoffice openxml vsto add-in		20 Jan 2026
Solution Jot Notes (rough, will pretty-up later)	nanoamano	`55901c2d5489d6ac5a0671971d29a31f4cdfa2e03d56e18c1585d78547a26396`	easy	string deobfuscation .net rat almondrat		16 Jan 2026
Programmatically NOP the Current Selection in Ghidra	larsborn	`0b38ca277bbb042d43bd1f17c4e424e167020883526eb2527ba929b2f0990a8f`	easy	obfuscation		13 Jan 2026
String Obfuscation in the Hamweq IRC-bot	larsborn	`4eb33ce768def8f7db79ef935aabf1c712f78974237e96889e1be3ced0d7e619`	easy	string deobfuscation		13 Jan 2026
Malware Analysis: Batch2Exe Fake Ransomware/Screenlocker	xusheng	`482a8b7ead1e07ac728e1e2b9bcf90a26af9b98b15969a3786834d6e81d393cd`	easy	batch2exe screenlocker		09 Jan 2026
Office Dropper	0xdeluks	`9887f1e95b4e11825941bd207400d1cc1580a7d438969f6c8d8c656551d339e2`	easy	loader macro office		05 Jan 2026
AlmondRAT Analysis	0xdeluks	`55901c2d5489d6ac5a0671971d29a31f4cdfa2e03d56e18c1585d78547a26396`	easy	string deobfuscation .net rat almondrat		05 Jan 2026
Analyzing MS Office Macro Malware with Oletools	struppigel	`9887f1e95b4e11825941bd207400d1cc1580a7d438969f6c8d8c656551d339e2`	easy	loader macro office		05 Jan 2026
Exploit, steganography and Delphi: unpacking DBatLoader (part #1)	malcat	`13063a496da7e490f35ebb4f24a138db4551d48a1d82c0c876906a03b8e83e05`	easy	loader emulation office cve-2018-0798		04 Jan 2026
Statically unpacking a simple .NET dropper	malcat	`15180ee9f6a8682b24a0d5cb0491bb4e09d457bfab5a24ec1fcb077dab59773b`	easy	.net		04 Jan 2026

Page 1 of 1