Skip to content
MalwareAnalysis.co

MalwareAnalysis.co

Central Hub for Malware Analysis Resources

  • Our Courses
  • Research Publications
  • Resources
    • Tools
      • Windows
      • macOS
      • Linux
      • Android
    • Malware Samples
    • Cheat Sheets
    • Sandboxes
    • Threat Intelligence
    • Labs & CTFs
    • Books
  • Community
    • Twitters to Follow
    • Forums and Blogs
  • About Us
  • Contact Us

Contact Us

    Share this:

    • Click to share on Twitter (Opens in new window)
    • Click to share on LinkedIn (Opens in new window)
    • Click to share on Facebook (Opens in new window)
    • Click to share on WhatsApp (Opens in new window)
    • Click to share on Telegram (Opens in new window)

    Twitter Feed

    MalFuzzerUriel Kosayev@MalFuzzer·
    20 May

    Amazing how people running publicizing stuff they don’t verify or not sure about. A researcher is the one who always checks and verifies stuff, even and first himself.

    Grzegorz Tworek@0gtweet

    The SeManageVolumePrivilege _IS_NOT_ required to create a snapshot with vssadmin. Why people still spread such disinformation, instead of checking it? Verification takes seconds, while recordings of webinars containing false "knowledge" will stay with us for years.

    Reply on Twitter 1527574925141233665Retweet on Twitter 15275749251412336651Like on Twitter 15275749251412336657Twitter 1527574925141233665
    MalFuzzerUriel Kosayev@MalFuzzer·
    19 May

    Small PoC video, Shabbat shalom 😎
    https://youtu.be/H9Dx5d3vuIQ

    Reply on Twitter 1527422402195505152Retweet on Twitter 1527422402195505152Like on Twitter 15274224021955051522Twitter 1527422402195505152
    Retweet on TwitterUriel Kosayev Retweeted
    BallisKitBallisKit@BallisKit·
    18 May

    #ShellcodePack tip: Generate a malicious XLL and display a decoy message after the shellcode is triggered with the next options (also includes AV bypass):

    -G hello.xll -t CMD --msgbox="Error, invalid office version!" --bypass

    Reply on Twitter 1526967213260947458Retweet on Twitter 152696721326094745837Like on Twitter 152696721326094745895Twitter 1526967213260947458
    Retweet on TwitterUriel Kosayev Retweeted
    0gtweetGrzegorz Tworek@0gtweet·
    18 May

    Simple user-level persistence with grpconv.exe:
    1. create %userprofile%\setup.ini
    2. launch "grpconv.exe -o"
    3. profit
    Of course, grpconv.exe is provided with Windows 10, because you may need to convert Windows 3.x .grp files some day. πŸ™ƒ

    Reply on Twitter 1526833181831200770Retweet on Twitter 1526833181831200770202Like on Twitter 1526833181831200770683Twitter 1526833181831200770
    MalFuzzerUriel Kosayev@MalFuzzer·
    17 May

    When your friend or student of yours finally finds a job where he is rewarded and feels good, it makes my day!

    Reply on Twitter 1526470489748787200Retweet on Twitter 1526470489748787200Like on Twitter 152647048974878720013Twitter 1526470489748787200
    • Our Courses
    • Research Publications
    • Resources
      • Tools
        • Windows
        • macOS
        • Linux
        • Android
      • Malware Samples
      • Cheat Sheets
      • Sandboxes
      • Threat Intelligence
      • Labs & CTFs
      • Books
    • Community
      • Twitters to Follow
      • Forums and Blogs
    • About Us
    • Contact Us
    MalwareAnalysis.co Proudly powered by WordPress