Starting Offensive Security Certified Professional (OSCP)

I finally, thanks to my employer Atos, signed myself up for the OSCP examination. This means I need to follow the online Penetration Testing with Kali Linux course first, before doing the actual 24-hour exam. The Offensive Security Certified Professional (OSCP) is the companion certification for our […]

New Malware sample : Trojan-Ransom.Win32.Matrix.ac

Being up very early today I could not resist the urge to pull another malware/virus sample from malwr.com. I downloaded the following sample (which now seems to be a second-generation Matrix ransomware variant): SHA1 58a6234d3c6aed251b09b8f54611d9679c84af55, SHA256 e7b3102e3e49c6c3611353d704aae797923b699227df92d97987a2e012ba3f25. The malware analysis done on malwr.com shows a big variation in naming the sample, […]

Cerber Ransomware Sample

Being interested in malware analysis, I set myself the challenge of reversing one malware sample a week and posting about it on my blog. Being a perfectionist, it’s a bit difficult to post these struggles because I want them to come out like the malware reports posted by Kaspersky Labs. However I […]

Analyze some TorrentLocker variant

Trying to commit myself to delving into some malware analysis, I am already making a short announcement that I’m starting to analyze the following sample: SHA256 df7b812698866cf104eb2050032da470a1dd4bf97f1f69ed5522d9ebd727cd13, MD5 0e0dec5e31efb8841954e6de6b57151e. It’s well detected and seems to be ransomware. So let’s see if this post gets some updates in the future. Ad-Aware Dropped:Trojan.Generic.20526704 20170327 AegisLab […]

Kali Linux with intel OpenCL

Also receiving the following error when using Kali, hashcat and your Intel CPU: clGetDeviceIDs(): CL_DEVICE_NOT_FOUND? Then follow these steps:
$ mkdir intel-opencl
$ tar -C intel-opencl -Jxf intel-opencl-r3.1-BUILD_ID.x86_64.tar.xz
$ tar -C intel-opencl -Jxf intel-opencl-devel-r3.1-BUILD_ID.x86_64.tar.xz
$ tar -C intel-opencl -Jxf intel-opencl-cpu-r3.1-BUILD_ID.x86_64.tar.xz
$ sudo cp -R intel-opencl/* /
$ sudo ldconfig
[…]

T-Pot HoneyPot

Yesterday I came across a really great honeypot. Since I don’t have much time, I just repost their main page (source): T-Pot is based on Ubuntu Server 14.04.4 LTS. The honeypot daemons, as well as the other support components being used, have been paravirtualized using Docker. This allowed us to run multiple honeypot daemons on […]

IMF Walkthrough (Vulnhub)

Geckom uploaded his first vulnerable machine to vulnhub.com. As posted before, you can find a lot of (mostly) VirtualBox images there which are vulnerable in several ways. Usually there is one goal: find a number of flags, with the last flag being available only when you have rooted the system. The vulnerabilities range from insecure web […]

Nemucod, the dropped files

Yesterday I posted a blog about Cuckoo & Nemucod. It looked like the Nemucod sample downloaded 2 files successfully, but after reading the Kahu Security write-up of the same sample, stating that there were no successful downloads, I immediately had a look this morning at what was in the files. Both dropped files just state […]

Analyse Malware & Ransomware with Cuckoo

Last week I started manually debugging a file which I received from Advissa Ludvinka, a non-existent person. Since the beginning of this year I have picked up my old passion for debugging malware & viruses, looking into buffer overflows, playing capture the flags online (root-me.org, ctf365), offline (application) penetration […]