Malware and DFIR Research

Welcome to Atomic Matryoshka, a cybersecurity blog dedicated to malware reversing, digital forensics, and incident response. Check out the latest content and feel free to share with the greater community.

Explore

Buy Me a Coffee

z3r0day_504

5 days ago
2 min

Emotet DLL Part 2: Dynamic Analysis

Picking up where we left off in the previous post, we're going to start off by executing the DLL. Based on the export function we saw in...

10 views0 comments

z3r0day_504

Apr 25
2 min

Emotet DLL Part 1: Static Analysis

In a previous post, I covered the file analysis for an Excel file containing malicious code related to Emotet. In this post, we take...

65 views0 comments

Basic Static and Dynamic Analysis of Amadey Loader

z3r0day_504

Apr 4
2 min

Basic Static and Dynamic Analysis of Amadey Loader

In this blog post, I'll cover some basic static and dynamic analysis around Amadey Loader. Amadey is available on Russian-speaking hacker...

88 views0 comments

z3r0day_504

Feb 21
2 min

Ousaban MSI Installer Analysis

In this blog post, I'll provide some cursory coverage on Ousaban and its initial stage via a Microsoft Installer (MSI) file. Ousaban is a...

138 views0 comments

CONTACT

atomicmatryoshka@gmail.com

Malware and DFIR Research

Emotet DLL Part 2: Dynamic Analysis

Emotet DLL Part 1: Static Analysis

Basic Static and Dynamic Analysis of Amadey Loader

Ousaban MSI Installer Analysis

Subscribe Form

CONTACT