Blog

Analyzing KSL0T (Turla’s Keylogger), Part 2 – Reupload

(This post is a reupload from my old site which is no longer available – you may have seen it before) If you haven’t read the first post, go check it out here. You can download this keylogger off of VirusBay. So far we have decrypted a whole lot of text using a simple XOR method, which

Analyzing KSL0T (Turla’s Keylogger), Part 1 – Reupload

(This post is a reupload from my old site which is no longer available – you may have seen it before) Whilst I’m working through the Hancitor write up and the Flare On challenges, I decided to take a short break and focus on a smaller piece of malware – such as a keylogger, which

Analyzing ISFB – The Second Loader

So it’s been quite a while since my last post, however now that my Beginner Malware Analysis Course is complete, the posts should be more and more frequent, although that obviously depends on the complexity of the samples I am analyzing. If you haven’t checked out my last post on ISFB where we analyzed the

Analysing ISFB – The First Loader

I’m finally getting round to writing this post – for the past few months I have been analysing different versions of ISFB/Ursnif/Gozi to gain a deeper understanding of the functionality of this specific malware. In this post, I will be detailing how to unpack and then analyse the first stage loader executable, and then use
