Solutions Overview

Solution Search

Solution	Author	SHA256	Difficulty	Tags	Likes	Posted
.NETReactor Deobfuscation and Configuration Extraction of AgentTesla	struppigel	`45dc4518fbf43bf4611446159f72cdbc37641707bb924bd2a52644a3af5bab76`	medium	.net obfuscated .netreactor agenttesla stage 3		16 Jan 2026
Solution Jot Notes (rough, will pretty-up later)	nanoamano	`55901c2d5489d6ac5a0671971d29a31f4cdfa2e03d56e18c1585d78547a26396`	easy	string deobfuscation .net rat almondrat		16 Jan 2026
Programmatically NOP the Current Selection in Ghidra	larsborn	`0b38ca277bbb042d43bd1f17c4e424e167020883526eb2527ba929b2f0990a8f`	easy	obfuscation		13 Jan 2026
API Hashing in the Zloader malware	larsborn	`4029f9fcba1c53d86f2c59f07d5657930bd5ee64cca4c5929cbd3142484e815a`	medium	string deobfuscation		13 Jan 2026
String Obfuscation in the Hamweq IRC-bot	larsborn	`4eb33ce768def8f7db79ef935aabf1c712f78974237e96889e1be3ced0d7e619`	easy	string deobfuscation		13 Jan 2026
Zloader String Obfuscation	larsborn	`4029f9fcba1c53d86f2c59f07d5657930bd5ee64cca4c5929cbd3142484e815a`	medium	string deobfuscation		13 Jan 2026
Use Ghidra to decrypt strings of KpotStealer malware	larsborn	`67f8302a2fd28d15f62d6d20d748bfe350334e5353cbdef112bd1f8231b5599d`	medium	string deobfuscation		13 Jan 2026
C2 Extractor for Turla's Kopiluwak Using Binary Refinery	struppigel	`2299ff9c7e5995333691f3e68373ebbb036aa619acd61cbea6c5210490699bb6`	medium	js macro office apt kopiluwak turla vba		11 Jan 2026
Unpacking AutoIt Stub with Large Obfuscated Script	struppigel	`ee69b74d0f0dd59fcd87304863626efb727ad6255bc29a7d48b7a441390dff1a`	medium	packed autoit cypherit obfuscated		11 Jan 2026
JPHP Malware Analysis - "Soft-Activator"	xusheng	`e7cf02ad880e8ebb37134c5370189bd2620ce1bf60794aa8776db6ccc4d4f0f7`	medium	loader d3f@ck jphp jvm stage 2		10 Jan 2026
D3f@ck Loader from Inno Setup to JPHP	struppigel	`e7cf02ad880e8ebb37134c5370189bd2620ce1bf60794aa8776db6ccc4d4f0f7`	medium	loader d3f@ck jphp jvm stage 2		09 Jan 2026
Malware Analysis: Batch2Exe Fake Ransomware/Screenlocker	xusheng	`482a8b7ead1e07ac728e1e2b9bcf90a26af9b98b15969a3786834d6e81d393cd`	easy	batch2exe screenlocker		09 Jan 2026
D3f@ck Loader from Inno Setup to JPHP	struppigel	`7409250e8be3bdcdaa756faff2150b13677ae066e42cefa52844c87451f6f60d`	medium	string deobfuscation loader d3f@ck inno stage 1		09 Jan 2026
Defeating Sodinokibi/REvil String-Obfuscation in Ghidra	larsborn	`5f56d5748940e4039053f85978074bde16d64bd5ba97f6f0026ba8172cb29e93`	medium	string deobfuscation ransomware revil		07 Jan 2026
Office Dropper	0xdeluks	`9887f1e95b4e11825941bd207400d1cc1580a7d438969f6c8d8c656551d339e2`	easy	loader macro office		05 Jan 2026
JScript Loader Analysis	0xdeluks	`5bc8b1a067ec4b487e88c2bb93728158633f4fdf22b111d5562cbb4ad3426d30`	medium	loader js obfuscated stage 1		05 Jan 2026
AlmondRAT Analysis	0xdeluks	`55901c2d5489d6ac5a0671971d29a31f4cdfa2e03d56e18c1585d78547a26396`	easy	string deobfuscation .net rat almondrat		05 Jan 2026

Page 2 of 4

«
»