Solutions Overview

Solution Search

Solution	Author	SHA256	Difficulty	Tags	Likes	Posted
Malware Analysis - Writing X64dbg Unpacking Scripts	struppigel	`20946142795ea4b9fafad9a279e5da0e2f491f567380d7f37570d451f3aa6b8f`	medium	process injection .net upx		27 Dec 2025
Virut, Unpacking a Polymorphic File Infector, Part I	struppigel	`096607aa89ea6f17e5a815a67b94bc245ecbf18a87705e1dec2f1d85f8350e32`	advanced	packed virut polymorphic virus hooking self-modifying		28 Dec 2025
Virut's Ntdll Hooking and Process Infection, Part 2	struppigel	`096607aa89ea6f17e5a815a67b94bc245ecbf18a87705e1dec2f1d85f8350e32`	advanced	packed virut polymorphic virus hooking self-modifying		28 Dec 2025
Binary Refinery URL Extraction of Multi-Layered PoshLoader for LummaStealer	struppigel	`3d1a4b9e37868f54e7e7eb98aae0203e2c50b2977170e0006cd3cbcb071c6b94`	medium	lummastealer powershell vbscript hta loader		29 Dec 2025
Defeating ConfuserEx Anti-Analysis with Hooking	struppigel	`0d7e7c6c1e02f7e5e5d0bf8f191e9d50636e71cabc2b4883d112b0f04da3d9f0`	advanced	string deobfuscation .net		29 Dec 2025
Writing Code Signatures	struppigel	`892834734712fe5bc7a6614be6972de1be2d74ad424ef47b2c701046e4912426`	medium	privateloader signature writing		30 Dec 2025
Writing an Unpacker for a 3-Stage Stub with Emulation via Speakeasy	struppigel	`0ad4f87dfa9b814b78e9db2360a89ea7940fb5ad919637bbaacb1222fb44098d`	medium	emulation peunion write unpacker anti-emulation		31 Dec 2025
JS to PowerShell to XWorm with Binary Refinery	struppigel	`5bc8b1a067ec4b487e88c2bb93728158633f4fdf22b111d5562cbb4ad3426d30`	medium	loader js obfuscated stage 1		04 Jan 2026
JS to PowerShell to XWorm with Binary Refinery	struppigel	`cb21368467bdf0ca8a4cd458f54d684e10da2d43a9c7285e094d39bdc410fb10`	medium	packed powershell config extraction xworm stage 2		04 Jan 2026
D3f@ck Loader from Inno Setup to JPHP	struppigel	`7409250e8be3bdcdaa756faff2150b13677ae066e42cefa52844c87451f6f60d`	medium	string deobfuscation loader d3f@ck inno stage 1		09 Jan 2026
D3f@ck Loader from Inno Setup to JPHP	struppigel	`e7cf02ad880e8ebb37134c5370189bd2620ce1bf60794aa8776db6ccc4d4f0f7`	medium	loader d3f@ck jphp jvm stage 2		09 Jan 2026
Unpacking AutoIt Stub with Large Obfuscated Script	struppigel	`ee69b74d0f0dd59fcd87304863626efb727ad6255bc29a7d48b7a441390dff1a`	medium	packed autoit cypherit obfuscated		11 Jan 2026
C2 Extractor for Turla's Kopiluwak Using Binary Refinery	struppigel	`2299ff9c7e5995333691f3e68373ebbb036aa619acd61cbea6c5210490699bb6`	medium	js macro office apt kopiluwak turla vba		11 Jan 2026
.NETReactor Deobfuscation and Configuration Extraction of AgentTesla	struppigel	`45dc4518fbf43bf4611446159f72cdbc37641707bb924bd2a52644a3af5bab76`	medium	.net obfuscated .netreactor agenttesla stage 3		16 Jan 2026
Malicious MS Office Files Without Macros	struppigel	`56f5623daa470bee190ae0ecd961be8e6df71c8da1ccf7b268fe876b84c183d9`	easy	loader msoffice openxml vsto add-in		25 Jan 2026
Malicious MS Office Files Without Macros	struppigel	`29325e23a684f782db14a1bf0dc56c65228e666d1f561808413a735000de3515`	easy	loader msoffice external template openxml		25 Jan 2026
Zpaq to .NET Downloader to Injector DLL Unpacking	struppigel	`1c33eef0d22dc54bb2a41af485070612cd4579529e31b63be2141c4be9183eb6`	easy	loader stage 1 bloated zpaq		27 Jan 2026

Page 1 of 4

»