Solutions Overview

Solution Search

Solution	Author	SHA256	Difficulty	Tags	Likes	Posted
Analyzing MS Office Macro Malware with Oletools	struppigel	`9887f1e95b4e11825941bd207400d1cc1580a7d438969f6c8d8c656551d339e2`	easy	loader macro office		05 Jan 2026
Programmatically NOP the Current Selection in Ghidra	larsborn	`0b38ca277bbb042d43bd1f17c4e424e167020883526eb2527ba929b2f0990a8f`	medium	obfuscated rat windows scripting		05 Jan 2026
Dissecting a fresh BlankGrabber sample	humpty_tony	`94237eac80fd2a20880180cab19b94e8760f0d1f06715ff42a6f60aef84f4adf`	medium	python stealer		04 Jan 2026
Install Linters, Get Malware - DevSecOps Speedrun Edition	humpty_tony	`5bed39728e404838ecd679df65048abcb443f8c7a9484702a2ded60104b8c4a9`	medium	api hashing anti-vm supply chain		04 Jan 2026
Supper is served	humpty_tony	`61f8224108602eb1f74cb525731c9937c2ffd9a7654cb0257624507c0fdb5610`	medium	rat revshell windows		04 Jan 2026
Config extraction of a cobalt strike beacon	malcat	`4109d17d439e425d24e9d11956adcc63ff8e24ccfffe21dd8c5431fe969d2783`	medium	powershell config extraction cobal strike		04 Jan 2026
Reversing a NSIS dropper using quick and dirty shellcode emulation	malcat	`291df8186e62df74b8fcf2c361c6913b9b73e3e864dde58eb63d5c3159a4c32d`	medium	shellcode emulation config extraction nsis		04 Jan 2026
Cutting corners against a Dridex downloader (part #2)	malcat	`277089cb78a9c493cecd8f5fbe70df0577d4f9557fb8b55ff5f7c2505308ca3a`	advanced	obfuscated anti-dumping dridex		04 Jan 2026
Cutting corners against a Dridex downloader (part #1)	malcat	`6f8f1b26324ea0f3f566fbdcb4a61eb92d054ccf0300c52b3549c774056b8f02`	medium	hta loader macro office		04 Jan 2026
Exploit, steganography and Delphi: unpacking DBatLoader (part #2)	malcat	`3045902d7104e67ca88ca54360d9ef5bfe5bec8b575580bc28205ca67eeba96d`	advanced	steganography delphi		04 Jan 2026
Exploit, steganography and Delphi: unpacking DBatLoader (part #1)	malcat	`13063a496da7e490f35ebb4f24a138db4551d48a1d82c0c876906a03b8e83e05`	easy	loader emulation office cve-2018-0798		04 Jan 2026
Statically unpacking a simple .NET dropper	malcat	`15180ee9f6a8682b24a0d5cb0491bb4e09d457bfab5a24ec1fcb077dab59773b`	easy	.net		04 Jan 2026
JS to PowerShell to XWorm with Binary Refinery	struppigel	`cb21368467bdf0ca8a4cd458f54d684e10da2d43a9c7285e094d39bdc410fb10`	medium	packed powershell config extraction xworm stage 2		04 Jan 2026
JS to PowerShell to XWorm with Binary Refinery	struppigel	`5bc8b1a067ec4b487e88c2bb93728158633f4fdf22b111d5562cbb4ad3426d30`	medium	loader js obfuscated stage 1		04 Jan 2026
Writing an Unpacker for a 3-Stage Stub with Emulation via Speakeasy	struppigel	`0ad4f87dfa9b814b78e9db2360a89ea7940fb5ad919637bbaacb1222fb44098d`	medium	emulation peunion write unpacker anti-emulation		31 Dec 2025
Writing Code Signatures	struppigel	`892834734712fe5bc7a6614be6972de1be2d74ad424ef47b2c701046e4912426`	medium	privateloader signature writing		30 Dec 2025
Defeating ConfuserEx Anti-Analysis with Hooking	struppigel	`0d7e7c6c1e02f7e5e5d0bf8f191e9d50636e71cabc2b4883d112b0f04da3d9f0`	advanced	string deobfuscation .net		29 Dec 2025

Page 3 of 4

«
»