Solutions Overview

Solution Search

Solution	Author	SHA256	Difficulty	Tags	Likes	Posted
Malware Analysis - Writing X64dbg Unpacking Scripts	struppigel	`20946142795ea4b9fafad9a279e5da0e2f491f567380d7f37570d451f3aa6b8f`	medium	process injection .net upx		27 Dec 2025
Virut, Unpacking a Polymorphic File Infector, Part I	struppigel	`096607aa89ea6f17e5a815a67b94bc245ecbf18a87705e1dec2f1d85f8350e32`	advanced	packed virut polymorphic virus hooking self-modifying		28 Dec 2025
Virut's Ntdll Hooking and Process Infection, Part 2	struppigel	`096607aa89ea6f17e5a815a67b94bc245ecbf18a87705e1dec2f1d85f8350e32`	advanced	packed virut polymorphic virus hooking self-modifying		28 Dec 2025
Virut's File Infection, Part 3	struppigel	`096607aa89ea6f17e5a815a67b94bc245ecbf18a87705e1dec2f1d85f8350e32`	advanced	packed virut polymorphic virus hooking self-modifying		28 Dec 2025
Binary Refinery URL Extraction of Multi-Layered PoshLoader for LummaStealer	struppigel	`3d1a4b9e37868f54e7e7eb98aae0203e2c50b2977170e0006cd3cbcb071c6b94`	medium	lummastealer powershell vbscript hta loader		29 Dec 2025
RenPy Game, Finding Malware Code in 2956 Files, Beginner Friendly	struppigel	`3c086e76942fb9fd3d1e4384e9c1228c227c00c78dc29fca512ed95ee919ee5e`	medium	acrstealer game python renpy		29 Dec 2025
Defeating ConfuserEx Anti-Analysis with Hooking	struppigel	`0d7e7c6c1e02f7e5e5d0bf8f191e9d50636e71cabc2b4883d112b0f04da3d9f0`	advanced	string deobfuscation .net		29 Dec 2025
Writing Code Signatures	struppigel	`892834734712fe5bc7a6614be6972de1be2d74ad424ef47b2c701046e4912426`	medium	privateloader signature writing		30 Dec 2025
Writing an Unpacker for a 3-Stage Stub with Emulation via Speakeasy	struppigel	`0ad4f87dfa9b814b78e9db2360a89ea7940fb5ad919637bbaacb1222fb44098d`	medium	emulation peunion write unpacker anti-emulation		31 Dec 2025
JS to PowerShell to XWorm with Binary Refinery	struppigel	`5bc8b1a067ec4b487e88c2bb93728158633f4fdf22b111d5562cbb4ad3426d30`	medium	loader js obfuscated stage 1		04 Jan 2026
JS to PowerShell to XWorm with Binary Refinery	struppigel	`cb21368467bdf0ca8a4cd458f54d684e10da2d43a9c7285e094d39bdc410fb10`	medium	packed powershell config extraction xworm stage 2		04 Jan 2026
Statically unpacking a simple .NET dropper	malcat	`15180ee9f6a8682b24a0d5cb0491bb4e09d457bfab5a24ec1fcb077dab59773b`	easy	.net		04 Jan 2026
Exploit, steganography and Delphi: unpacking DBatLoader (part #1)	malcat	`13063a496da7e490f35ebb4f24a138db4551d48a1d82c0c876906a03b8e83e05`	easy	loader emulation office cve-2018-0798		04 Jan 2026
Exploit, steganography and Delphi: unpacking DBatLoader (part #2)	malcat	`3045902d7104e67ca88ca54360d9ef5bfe5bec8b575580bc28205ca67eeba96d`	advanced	steganography delphi		04 Jan 2026
Cutting corners against a Dridex downloader (part #1)	malcat	`6f8f1b26324ea0f3f566fbdcb4a61eb92d054ccf0300c52b3549c774056b8f02`	medium	hta loader macro office		04 Jan 2026
Cutting corners against a Dridex downloader (part #2)	malcat	`277089cb78a9c493cecd8f5fbe70df0577d4f9557fb8b55ff5f7c2505308ca3a`	advanced	obfuscated anti-dumping dridex		04 Jan 2026
Reversing a NSIS dropper using quick and dirty shellcode emulation	malcat	`291df8186e62df74b8fcf2c361c6913b9b73e3e864dde58eb63d5c3159a4c32d`	medium	shellcode emulation config extraction nsis		04 Jan 2026

Page 1 of 4

»