Solutions Overview

Solution Search

Clear

Solution	Author	SHA256	Difficulty	Tags	Likes	Posted
Malicious .docx Analysis	ge0lev	`29325e23a684f782db14a1bf0dc56c65228e666d1f561808413a735000de3515`	easy	loader msoffice external template openxml		26 Jan 2026
Malicious MS Office Files Without Macros	struppigel	`29325e23a684f782db14a1bf0dc56c65228e666d1f561808413a735000de3515`	easy	loader msoffice external template openxml		25 Jan 2026
Malicious MS Office Files Without Macros	struppigel	`56f5623daa470bee190ae0ecd961be8e6df71c8da1ccf7b268fe876b84c183d9`	easy	loader msoffice openxml vsto add-in		25 Jan 2026
Malicious .docx Analysis	ge0lev	`56f5623daa470bee190ae0ecd961be8e6df71c8da1ccf7b268fe876b84c183d9`	easy	loader msoffice openxml vsto add-in		24 Jan 2026
Finding the next stage in a Word Document abusing VSTO functionality	0xdeluks	`56f5623daa470bee190ae0ecd961be8e6df71c8da1ccf7b268fe876b84c183d9`	easy	loader msoffice openxml vsto add-in		20 Jan 2026
JPHP Malware Analysis - "Soft-Activator"	xusheng	`e7cf02ad880e8ebb37134c5370189bd2620ce1bf60794aa8776db6ccc4d4f0f7`	medium	loader d3f@ck jphp jvm stage 2		10 Jan 2026
D3f@ck Loader from Inno Setup to JPHP	struppigel	`7409250e8be3bdcdaa756faff2150b13677ae066e42cefa52844c87451f6f60d`	medium	string deobfuscation loader d3f@ck inno stage 1		09 Jan 2026
Office Dropper	0xdeluks	`9887f1e95b4e11825941bd207400d1cc1580a7d438969f6c8d8c656551d339e2`	easy	loader macro office		05 Jan 2026
JScript Loader Analysis	0xdeluks	`5bc8b1a067ec4b487e88c2bb93728158633f4fdf22b111d5562cbb4ad3426d30`	medium	loader js obfuscated stage 1		05 Jan 2026
Analyzing MS Office Macro Malware with Oletools	struppigel	`9887f1e95b4e11825941bd207400d1cc1580a7d438969f6c8d8c656551d339e2`	easy	loader macro office		05 Jan 2026
Cutting corners against a Dridex downloader (part #1)	malcat	`6f8f1b26324ea0f3f566fbdcb4a61eb92d054ccf0300c52b3549c774056b8f02`	medium	hta loader macro office		04 Jan 2026
Exploit, steganography and Delphi: unpacking DBatLoader (part #1)	malcat	`13063a496da7e490f35ebb4f24a138db4551d48a1d82c0c876906a03b8e83e05`	easy	loader emulation office cve-2018-0798		04 Jan 2026
JS to PowerShell to XWorm with Binary Refinery	struppigel	`5bc8b1a067ec4b487e88c2bb93728158633f4fdf22b111d5562cbb4ad3426d30`	medium	loader js obfuscated stage 1		04 Jan 2026
Binary Refinery URL Extraction of Multi-Layered PoshLoader for LummaStealer	struppigel	`3d1a4b9e37868f54e7e7eb98aae0203e2c50b2977170e0006cd3cbcb071c6b94`	medium	lummastealer powershell vbscript hta loader		29 Dec 2025

Page 1 of 1