Solutions Overview

Solution Search

Clear

Solution	Author	SHA256	Difficulty	Tags	Likes	Posted
[Samplepedia Solution] Unveiling the Layers: Analyzing a Multi-Stage APT-Style Loader	m4n0w4r	`5544e6c66cbf6503cddef2797acbff4fb81ededaef2334a596e6484cfaa0b8e8`	medium	dll sideloading packed shellcode		19 Jan 2026
API Hashing in the Zloader malware	larsborn	`4029f9fcba1c53d86f2c59f07d5657930bd5ee64cca4c5929cbd3142484e815a`	medium	string deobfuscation		13 Jan 2026
Zloader String Obfuscation	larsborn	`4029f9fcba1c53d86f2c59f07d5657930bd5ee64cca4c5929cbd3142484e815a`	medium	string deobfuscation		13 Jan 2026
Use Ghidra to decrypt strings of KpotStealer malware	larsborn	`67f8302a2fd28d15f62d6d20d748bfe350334e5353cbdef112bd1f8231b5599d`	medium	string deobfuscation		13 Jan 2026
JPHP Malware Analysis - "Soft-Activator"	xusheng	`e7cf02ad880e8ebb37134c5370189bd2620ce1bf60794aa8776db6ccc4d4f0f7`	medium	loader d3f@ck jphp jvm stage 2		10 Jan 2026
D3f@ck Loader from Inno Setup to JPHP	struppigel	`7409250e8be3bdcdaa756faff2150b13677ae066e42cefa52844c87451f6f60d`	medium	string deobfuscation loader d3f@ck inno stage 1		09 Jan 2026
Defeating Sodinokibi/REvil String-Obfuscation in Ghidra	larsborn	`5f56d5748940e4039053f85978074bde16d64bd5ba97f6f0026ba8172cb29e93`	medium	string deobfuscation ransomware revil		07 Jan 2026
JScript Loader Analysis	0xdeluks	`5bc8b1a067ec4b487e88c2bb93728158633f4fdf22b111d5562cbb4ad3426d30`	medium	loader js obfuscated stage 1		05 Jan 2026
Programmatically NOP the Current Selection in Ghidra	larsborn	`0b38ca277bbb042d43bd1f17c4e424e167020883526eb2527ba929b2f0990a8f`	medium	obfuscated rat windows scripting		05 Jan 2026
Dissecting a fresh BlankGrabber sample	humpty_tony	`94237eac80fd2a20880180cab19b94e8760f0d1f06715ff42a6f60aef84f4adf`	medium	python stealer		04 Jan 2026
Install Linters, Get Malware - DevSecOps Speedrun Edition	humpty_tony	`5bed39728e404838ecd679df65048abcb443f8c7a9484702a2ded60104b8c4a9`	medium	api hashing anti-vm supply chain		04 Jan 2026
Supper is served	humpty_tony	`61f8224108602eb1f74cb525731c9937c2ffd9a7654cb0257624507c0fdb5610`	medium	rat revshell windows		04 Jan 2026
Config extraction of a cobalt strike beacon	malcat	`4109d17d439e425d24e9d11956adcc63ff8e24ccfffe21dd8c5431fe969d2783`	medium	powershell config extraction cobal strike		04 Jan 2026
Reversing a NSIS dropper using quick and dirty shellcode emulation	malcat	`291df8186e62df74b8fcf2c361c6913b9b73e3e864dde58eb63d5c3159a4c32d`	medium	shellcode emulation config extraction nsis		04 Jan 2026
Cutting corners against a Dridex downloader (part #1)	malcat	`6f8f1b26324ea0f3f566fbdcb4a61eb92d054ccf0300c52b3549c774056b8f02`	medium	hta loader macro office		04 Jan 2026
JS to PowerShell to XWorm with Binary Refinery	struppigel	`cb21368467bdf0ca8a4cd458f54d684e10da2d43a9c7285e094d39bdc410fb10`	medium	packed powershell config extraction xworm stage 2		04 Jan 2026
JS to PowerShell to XWorm with Binary Refinery	struppigel	`5bc8b1a067ec4b487e88c2bb93728158633f4fdf22b111d5562cbb4ad3426d30`	medium	loader js obfuscated stage 1		04 Jan 2026

Page 1 of 2

»