HTB Walkthrough: Precious
Enumeration To start working on this box, we'll first run an nmap scan against it to see what ports are open and what services are...
top of page
Cybersecurity Research
Welcome to Atomic Matryoshka, a cybersecurity blog dedicated to malware reversing, digital forensics, incident response, and offensive security. Check out the latest content and feel free to share with the greater community.
Explore
Home: Welcome
Search
z3r0day_504
- Jan 9
- 1 min
Metamorfo MSI Analysis and IOC Extraction
In this blog post, we'll be doing some basic analysis of a Metamorfo MSI package. According to MITRE, Metamorfo is a Latin American...
24 views0 comments
z3r0day_504
- Dec 19, 2022
- 3 min
Mimikatz 101
If you're new to the infosec/offsec space, the name "Mimikatz" may be foreign or quite vaguely familiar; however, for the folks that have...
190 views0 comments
z3r0day_504
- Nov 28, 2022
- 3 min
HTB Walkthrough: Shoppy
Tools and Resources NoSQLMap: https://github.com/codingo/NoSQLMap GTFOBins: https://gtfobins.github.io/ PayloadAllTheThings:...
146 views0 comments
z3r0day_504
- Nov 9, 2022
- 4 min
Hacker101 CTF: Micro-CMS v1 Walkthrough
Walkthrough for Micro-CMS v1 challenge on the HackerOne Hacker101 CTF
16 views0 comments
z3r0day_504
- Oct 3, 2022
- 2 min
Meeting the 3 Headed Dog: Kerberos Authentication Basics
If you've been in the information security or network administration community for some period of time, chances are you've heard of...
95 views0 comments
z3r0day_504
- Sep 12, 2022
- 2 min
Pass the Hash vs Overpass the Hash
A common technique to leverage once a user's credentials have been harvested is passing the hash; how does that differ from "overpassing...
478 views0 comments
z3r0day_504
- Aug 22, 2022
- 3 min
What is an AMSI bypass?
You may have heard about an AMSI bypass in the context of a work conversation, but what exactly is it and how does it work? Read on to...
176 views0 comments
z3r0day_504
- Aug 1, 2022
- 5 min
CRTP Course and Exam Review
Are you considering taking Pentester Academy's Attacking and Defending Active Directory course? Read on and find out more about it and...
955 views0 comments
z3r0day_504
- Jul 25, 2022
- 2 min
Precious Metals: Golden and Silver Ticket Attacks
If you're in the realm of cybersecurity, you're probably already aware of the fact that most if not all processes and architectures are...
153 views0 comments
z3r0day_504
- Jun 27, 2022
- 2 min
From the User Perspective - Emotet Phish
In a previous post we covered what it looks like from the user perspective when a Trickbot phish is opened. In this post, I'll briefly...
93 views0 comments
z3r0day_504
- Jun 6, 2022
- 2 min
From the User Perspective - TrickBot Phish
Most of the posts covered in this blog so far show the static analysis piece of documents, spreadsheets, and PDFs utilizing tools on...
70 views0 comments
z3r0day_504
- May 16, 2022
- 2 min
Emotet DLL Part 2: Dynamic Analysis
Picking up where we left off in the previous post, we're going to start off by executing the DLL. Based on the export function we saw in...
134 views0 comments
z3r0day_504
- May 12, 2022
- 2 min
Emotet .xls Dropper
Anyone who's been tracking the evolution of prevalent malware families may or may not have heard that the developers behind Emotet...
133 views0 comments
z3r0day_504
- Apr 25, 2022
- 2 min
Emotet DLL Part 1: Static Analysis
In a previous post, I covered the file analysis for an Excel file containing malicious code related to Emotet. In this post, we take...
188 views0 comments
z3r0day_504
- Apr 4, 2022
- 2 min
Basic Static and Dynamic Analysis of Amadey Loader
In this blog post, I'll cover some basic static and dynamic analysis around Amadey Loader. Amadey is available on Russian-speaking hacker...
121 views0 comments
z3r0day_504
- Mar 14, 2022
- 1 min
What is fuzzy hashing?
In a recent conversation with a coworker, the topic of fuzzy hashing came up and how frequently he uses it in his malware analysis...
1,897 views0 comments
z3r0day_504
- Feb 21, 2022
- 2 min
Ousaban MSI Installer Analysis
In this blog post, I'll provide some cursory coverage on Ousaban and its initial stage via a Microsoft Installer (MSI) file. Ousaban is a...
417 views0 comments
z3r0day_504
- Feb 7, 2022
- 3 min
Basic PDF Analysis - Formbook Malware
Analysis of Formbook malware delivered via PDF file
233 views0 comments
z3r0day_504
- Jan 28, 2022
- 3 min
Malware Headliners: LokiBot
Analysis of LokiBot password stealer
209 views0 comments
Home: Subscribe
CONTACT
bottom of page