I've published 2 quick tutorials about writing #x64dbg scripts and plugins, hope you learn something new :) n1ght-w0lf.github.io/tutorials/writ… n1ght-w0lf.github.io/tutorials/writ…

Hello everyone, I just published a small blog post about writing a generic dotnet string decryptor to help in malware analysis/reverse engineering. #malware_analysis #reverse_engineering n1ght-w0lf.github.io/tutorials/dotn…

It's been exactly 3 years since I published a malware deep dive report, now that I have some free time I decided to write a new blog about #GCleaner #Loader. The blog covers string decryption, config extraction, C2 communications among other stuff. n1ght-w0lf.github.io/malware%20anal…

Inspired by hasherezade's pe_unmapper, I published a small python tool to unmap PE memory dumps. I also added a quick check to handle Hatching's Triage memdumps. github.com/n1ght-w0lf/pe-…

Finally arrived 🎉 #flareon9

We discovered additional insights complementing the CYFIRMA Research report cyfirma.com/research/qwert… on the 'QWERTY Stealer' sample. Our analysis attributes this sample to the DoNot_Downloader family, which is linked to #APT_C_35, also known as the #DoNotTeam. 1/n

The new release of Threatray includes our Chrome plugin which utilizes Threatray's detection and analysis capabilities. I had the pleasure to work on this plugin and get valuable feedbacks from the team. It makes the initial triage of threat reports much easier.

We did our best to provide the most comprehensive analysis of #Bitter (#TA397) group activities.