-
Recent Posts
Recent Comments
Archives
- May 2022
- April 2022
- December 2021
- November 2021
- July 2021
- May 2021
- March 2021
- August 2020
- July 2020
- March 2020
- February 2020
- January 2020
- October 2019
- September 2019
- July 2019
- May 2019
- April 2019
- March 2019
- January 2019
- November 2018
- October 2018
- August 2018
- July 2018
- May 2018
- April 2018
- December 2017
- November 2017
- October 2017
- August 2017
- April 2017
- February 2017
- November 2016
- September 2016
- August 2016
- July 2016
- June 2016
- April 2016
- March 2016
- February 2016
- January 2016
- November 2015
- April 2014
- December 2013
- September 2013
- July 2013
- June 2013
- April 2013
- December 2012
- August 2012
- July 2012
- June 2012
- May 2012
- March 2012
- February 2012
- December 2011
- November 2011
- October 2011
- August 2011
- December 2009
Categories
Meta
Tag Archives: Shellcode
More adventures with shell code and the Shikata Ga Nai Encoder
The other day I was given a sample vbscript file by Paul Melson @pmelson so I could take a look at the odd shell code in it. Here is the original script. This starts out as a normal script running … Continue reading
Posted in Malware, PowerShell, Programming, security
Tagged Decoding, Malware Analysis, Shellcode
Comments Off on More adventures with shell code and the Shikata Ga Nai Encoder
Chasing malware down the rabbit hole to see where it goes.
Lets start this journey with the blog post by Pondurance titled “777 RANSOMWARE COMBINES WITH TRICKBOT” located here. There is not a whole lot here but it describes 2 layers of shellcode and some indicator’s and the first is the … Continue reading
Posted in Malware, PowerShell, security
Tagged Malware Analysis, Reverse Engineering, Shellcode
Comments Off on Chasing malware down the rabbit hole to see where it goes.
Those Pesky Powershell Shellcode’s And How To Understand Them
Shellcode comes in various forms for different operating systems. Some can just be dropped into a hex editor and get the needed understanding what it is doing , some may require looking at the generated assembly code generated by a … Continue reading
A deeper look at Equation Editor CVE-2017-11882 with encoded Shellcode
Our sample today comes from My Online Security @dvk01uk from this Twitter thread Here. The First one I had started to work on comes from this Twitter thread here from April 26 of 2019. The encoding on the shellcode uses … Continue reading
A look at a bmp file with embedded shellcode
The sample today is from PaulM @melsonp While watching his BSIDES Augusta talk from 2018 Here, at that the end he shows a picture file that gets downloaded from a layered PowerShell script. He was kind enough to send me … Continue reading
Posted in Malware, PowerShell, security
Tagged Malware Analysis, Security, Shellcode
Comments Off on A look at a bmp file with embedded shellcode