Starting Offensive Security Certified Professional (OSCP)

Offensive Security Certified Professional (OSCP). I finally, thanks to my employer Atos, signed myself up for the OSCP examination. This means I need to follow the online Penetration Testing with Kali Linux course first before doing the actual 24-hour-long exam. The Offensive Security Certified Professional (OSCP) is the companion certification for our […]

New Malware Sample: Trojan-Ransom.Win32.Matrix.ac

Ransomware Matrix. Being up very early today I could not withstand the urge to pull another malware/virus sample from malwr.com. I downloaded the following sample (which now seems to be a second-generation Matrix ransomware variant): SHA1 58a6234d3c6aed251b09b8f54611d9679c84af55, SHA256 e7b3102e3e49c6c3611353d704aae797923b699227df92d97987a2e012ba3f25. The malware analysis done on malwr.com shows a big variation in naming the sample, […]

Cerber Ransomware Sample

Cerber Ransomware. Being interested in malware analysis, I set myself the challenge of reversing a malware sample a week and posting about it on my blog. Being a perfectionist, it’s a bit difficult to post these struggles because I want them to come out like the malware reports posted at Kaspersky Labs. However I […]

T-Pot HoneyPot

Yesterday I came across a really great honeypot. Since I don’t have much time, I just repost their main page -> source. T-Pot is based on Ubuntu Server 14.04.4 LTS. The honeypot daemons, as well as other support components being used, have been paravirtualized using Docker. This allowed us to run multiple honeypot daemons on […]

IMF Walkthrough (Vulnhub)

Geckom uploaded his first vulnerable machine to vulnhub.com. As posted before, you can find a lot of (mostly) VirtualBox images that are vulnerable in several ways. Usually there is one goal: find a number of flags, with the last flag available only once you have rooted the system. The vulnerabilities range from insecure web […]

Nemucod, the dropped files

Yesterday I posted a blog about Cuckoo & Nemucod. It looked like the Nemucod sample downloaded 2 files successfully, but after reading the Kahu Security write-up of the same sample, stating that there were no successful downloads, I immediately had a look this morning at what was in the files. Both dropped files just state […]

Analyse Malware & Ransomware with Cuckoo

Analyse Malware and Ransomware with Cuckoo. Last week I started manually debugging a file which I received from Advissa Ludvinka, a non-existing person. Since the beginning of this year I have picked up my old passion for debugging malware & viruses, looking into buffer overflows, playing capture the flag on-line (root-me.org, ctf365), off-line (application) penetration […]

Advissa Ludvinka sends me Nemucod

-> Will update along with the debugging. The JavaScript is heavily scrambled, so it is not that easy to read. Out of curiosity I decided to have a better look at an attachment that came with a spam message this week. The message has no written content and a subject “Receipt 7068-586205”. Apparently the mail was sent from a mailserver […]