Solutions Overview

Solution Search

Solution	Author	SHA256	Difficulty	Tags	Likes	Posted
D3f@ck Loader from Inno Setup to JPHP	struppigel	`7409250e8be3bdcdaa756faff2150b13677ae066e42cefa52844c87451f6f60d`	medium	string deobfuscation loader d3f@ck inno stage 1		09 Jan 2026
Defeating Sodinokibi/REvil String-Obfuscation in Ghidra	larsborn	`5f56d5748940e4039053f85978074bde16d64bd5ba97f6f0026ba8172cb29e93`	medium	string deobfuscation ransomware revil		07 Jan 2026
Office Dropper	0xdeluks	`9887f1e95b4e11825941bd207400d1cc1580a7d438969f6c8d8c656551d339e2`	easy	loader macro office		05 Jan 2026
JScript Loader Analysis	0xdeluks	`5bc8b1a067ec4b487e88c2bb93728158633f4fdf22b111d5562cbb4ad3426d30`	medium	loader js obfuscated stage 1		05 Jan 2026
AlmondRAT Analysis	0xdeluks	`55901c2d5489d6ac5a0671971d29a31f4cdfa2e03d56e18c1585d78547a26396`	easy	string deobfuscation .net rat almondrat		05 Jan 2026
Analyzing MS Office Macro Malware with Oletools	struppigel	`9887f1e95b4e11825941bd207400d1cc1580a7d438969f6c8d8c656551d339e2`	easy	loader macro office		05 Jan 2026
Programmatically NOP the Current Selection in Ghidra	larsborn	`0b38ca277bbb042d43bd1f17c4e424e167020883526eb2527ba929b2f0990a8f`	medium	obfuscated rat windows scripting		05 Jan 2026
Dissecting a fresh BlankGrabber sample	humpty_tony	`94237eac80fd2a20880180cab19b94e8760f0d1f06715ff42a6f60aef84f4adf`	medium	python stealer		04 Jan 2026
Install Linters, Get Malware - DevSecOps Speedrun Edition	humpty_tony	`5bed39728e404838ecd679df65048abcb443f8c7a9484702a2ded60104b8c4a9`	medium	api hashing anti-vm supply chain		04 Jan 2026
Supper is served	humpty_tony	`61f8224108602eb1f74cb525731c9937c2ffd9a7654cb0257624507c0fdb5610`	medium	rat revshell windows		04 Jan 2026
Config extraction of a cobalt strike beacon	malcat	`4109d17d439e425d24e9d11956adcc63ff8e24ccfffe21dd8c5431fe969d2783`	medium	powershell config extraction cobal strike		04 Jan 2026
Reversing a NSIS dropper using quick and dirty shellcode emulation	malcat	`291df8186e62df74b8fcf2c361c6913b9b73e3e864dde58eb63d5c3159a4c32d`	medium	shellcode emulation config extraction nsis		04 Jan 2026
Cutting corners against a Dridex downloader (part #2)	malcat	`277089cb78a9c493cecd8f5fbe70df0577d4f9557fb8b55ff5f7c2505308ca3a`	advanced	obfuscated anti-dumping dridex		04 Jan 2026
Cutting corners against a Dridex downloader (part #1)	malcat	`6f8f1b26324ea0f3f566fbdcb4a61eb92d054ccf0300c52b3549c774056b8f02`	medium	hta loader macro office		04 Jan 2026
Exploit, steganography and Delphi: unpacking DBatLoader (part #2)	malcat	`3045902d7104e67ca88ca54360d9ef5bfe5bec8b575580bc28205ca67eeba96d`	advanced	steganography delphi		04 Jan 2026
Exploit, steganography and Delphi: unpacking DBatLoader (part #1)	malcat	`13063a496da7e490f35ebb4f24a138db4551d48a1d82c0c876906a03b8e83e05`	easy	loader emulation office cve-2018-0798		04 Jan 2026
Statically unpacking a simple .NET dropper	malcat	`15180ee9f6a8682b24a0d5cb0491bb4e09d457bfab5a24ec1fcb077dab59773b`	easy	.net		04 Jan 2026

Page 2 of 3

«
»