Ghidra users can now enjoy the same (and more!) benefits available in IDA Pro from VirusTotal’s VTGrep plugin with this open source plugin from SentinelLabs.
Posts Tagged reverse engineering
Revealing the Trick | A Deep Dive into TrickLoader Obfuscation
TrickBot’s loader has received much less attention than other components of the malware. Jason Reaves shows how to reverse engineer the TrickLoader function.
Info Stealers | How Malware Hacks Private User Data
Continuing our free Zero2Hero malware reverse engineering course, Daniel Bunce dives into the details of KPot, Vidar & Raccoon Info Stealers.
Gootkit Banking Trojan | Part 3: Retrieving the Final Payload
Gootkit’s final payload contains multiple Node.js scripts. Join Daniel Bunce as he reverse engineers the malware to take a deeper look at what it delivers.
Gootkit Banking Trojan | Part 2: Persistence & Other Capabilities
Reverse engineering Gootkit reveals tricks for persistence, self-updating and a kill switch. Join us as we continue our deep dive into this banking malware.
Gootkit Banking Trojan | Deep Dive into Anti-Analysis Features
Gootkit packs plenty of Anti-Analysis features to evade sandboxes, prevent execution in a Virtual Machine, and slow down analysis. Let’s take a dive inside!