CRTP Course and Exam Review
Are you considering taking Pentester Academy's Attacking and Defending Active Directory course? Read on and find out more about it and...
Cybersecurity Research
Welcome to Atomic Matryoshka, a cybersecurity blog dedicated to malware reversing, digital forensics, incident response, and offensive security. Check out the latest content and feel free to share with the greater community.
Explore
Search
z3r0day_504
- Jul 25
- 2 min
Precious Metals: Golden and Silver Ticket Attacks
If you're in the realm of cybersecurity, you're probably already aware of the fact that most if not all processes and architectures are...
90 views0 comments
z3r0day_504
- Jun 27
- 2 min
From the User Perspective - Emotet Phish
In a previous post we covered what it looks like from the user perspective when a Trickbot phish is opened. In this post, I'll briefly...
69 views0 comments
z3r0day_504
- Jun 6
- 2 min
From the User Perspective - TrickBot Phish
Most of the posts covered in this blog so far show the static analysis piece of documents, spreadsheets, and PDFs utilizing tools on...
62 views0 comments
z3r0day_504
- May 16
- 2 min
Emotet DLL Part 2: Dynamic Analysis
Picking up where we left off in the previous post, we're going to start off by executing the DLL. Based on the export function we saw in...
73 views0 comments
z3r0day_504
- May 12
- 2 min
Emotet .xls Dropper
Anyone who's been tracking the evolution of prevalent malware families may or may not have heard that the developers behind Emotet...
107 views0 comments
z3r0day_504
- Apr 25
- 2 min
Emotet DLL Part 1: Static Analysis
In a previous post, I covered the file analysis for an Excel file containing malicious code related to Emotet. In this post, we take...
122 views0 comments
z3r0day_504
- Apr 4
- 2 min
Basic Static and Dynamic Analysis of Amadey Loader
In this blog post, I'll cover some basic static and dynamic analysis around Amadey Loader. Amadey is available on Russian-speaking hacker...
110 views0 comments
z3r0day_504
- Mar 14
- 1 min
What is fuzzy hashing?
In a recent conversation with a coworker, the topic of fuzzy hashing came up and how frequently he uses it in his malware analysis...
387 views0 comments
z3r0day_504
- Feb 21
- 2 min
Ousaban MSI Installer Analysis
In this blog post, I'll provide some cursory coverage on Ousaban and its initial stage via a Microsoft Installer (MSI) file. Ousaban is a...
240 views0 comments
z3r0day_504
- Feb 7
- 3 min
Basic PDF Analysis - Formbook Malware
Analysis of Formbook malware delivered via PDF file
199 views0 comments
z3r0day_504
- Jan 28
- 3 min
Malware Headliners: LokiBot
Analysis of LokiBot password stealer
169 views0 comments
z3r0day_504
- Jan 21
- 2 min
Malware Headliners: Emotet
Emotet is a banking trojan that topped the list for most widely seen malware in 2021. Similar to some of my previous posts, Emotet is...
129 views0 comments
z3r0day_504
- Jan 20
- 1 min
Indicators of Compromise (IOCs) List from Analyzed Samples
Living list of IOCs identified for all samples analyzed and published
70 views0 comments
z3r0day_504
- Jan 15
- 3 min
Malware Headliners: Qakbot
Learn how to dissect Qakbot malware as we analyze one of the latest versions found in the wild
193 views0 comments
z3r0day_504
- Jan 9
- 4 min
Malware Headliners: Dridex
Dridex is a banking trojan that has plagued the cyberverse for years. Check out this post for some initial malware analysis.
183 views0 comments
z3r0day_504
- Jan 2
- 6 min
"Cracking Open the Malware Piñata" Series: Intro to Dynamic Analysis with RedLineStealer
Dynamic analysis involves running a binary and observing its behavior in a controlled environment. This can be of significant benefit...
78 views0 comments
z3r0day_504
- Dec 27, 2021
- 7 min
"Cracking Open the Malware Piñata" Series: Intro to Static Analysis with Kazy Trojan
Static analysis, put concisely, is getting information from a specimen without actually executing/detonating it. While it is less...
30 views0 comments
z3r0day_504
- Dec 20, 2021
- 5 min
"Cracking Open the Malware Piñata" Series: Analysis Environment Setup
In recent weeks I've spent a good amount of time delving into a topic that truly fascinates me, and that's malware reverse engineering....
18 views0 comments
z3r0day_504
- Oct 22, 2021
- 4 min
AutoRun Malware: Why your computer is summoning dark lords after you plugged in that parking lot USB
For the last three weeks you've overheard your coworkers go on and on about the MMORPG they've been playing online. Curiosity starts...
16 views0 comments
CONTACT
