Using Detect It Easy to… detect it easy I love Detect It Easy. It’s my go-to tool when it comes to triaging malicious samples an... 2023-4-22 07:49:48 | 阅读: 33 | 收藏 | Hexacorn - www.hexacorn.com upx upxed analysis memory reversing

The words that go adapataadadapata April 20, 2023 in Silly... 2023-4-21 06:46:15 | 阅读: 25 | 收藏 | Hexacorn - www.hexacorn.com letter shocked longest combing

Beyond good ol’ Run key, Part 142 April 14, 2023 in Autostart (Persistence)... 2023-4-15 05:47:41 | 阅读: 28 | 收藏 | Hexacorn - www.hexacorn.com obs liking learnt heard tinkering

The words that go (.)[a-z]\1[a-z]\1[a-z]\1[a-z]\1[a-z]\1 April 1, 2023 in Silly... 2023-4-2 06:56:2 | 阅读: 25 | 收藏 | Hexacorn - www.hexacorn.com stupid silly amongst letters dad

Converting questionable questions into unquestionable opportunities… Social media are full of questions that are formulated in a passive, passive-aggressive,... 2023-3-29 06:14:5 | 阅读: 20 | 收藏 | Hexacorn - www.hexacorn.com degree reversing promote security

List of clean mutexes and mutants A few years ago I released a list of ‘bad’ mutexes/mutants. That list was generated from... 2023-3-12 08:3:36 | 阅读: 36 | 收藏 | Hexacorn - www.hexacorn.com windows dllwindows syswow64 mutex exewindows

Threat Hunting – localization issues March 10, 2023 in threat hunting... 2023-3-11 07:47:21 | 阅读: 34 | 收藏 | Hexacorn - www.hexacorn.com l10n acronyms suddenly i18n t9n

Beyond good ol’ Run key, Part 141 February 25, 2023 in Autostart (Persistence)... 2023-2-26 07:55:35 | 阅读: 28 | 收藏 | Hexacorn - www.hexacorn.com microsoft shadowpad combos mastodon packard

Excelling at Excel, Part 3 One of the most common use cases we come across during our malware analysis exercises is... 2023-1-22 08:56:23 | 阅读: 40 | 收藏 | Hexacorn - www.hexacorn.com vlookup isna sample3 filled formula

Yara rules pageant A few days ago I posted a very specific question on Twitter and Mastodon:You’ve got... 2023-1-21 08:12:5 | 阅读: 31 | 收藏 | Hexacorn - www.hexacorn.com github mega yarac gist duplicates

Decrypting SHell Compiled (SHC) ELF files January 13, 2023 in elf, linux, shc... 2023-1-14 07:37:28 | 阅读: 96 | 收藏 | Hexacorn - www.hexacorn.com shc f8 realized decrypted 0x400fdd

Excelling at Excel, Part 2 Today I will talk about automated query-building using Excel. Working as a detection... 2023-1-8 08:1:1 | 阅读: 26 | 收藏 | Hexacorn - www.hexacorn.com formula processes avoiding formulas

Excelling at Excel, Part 1 In my old article I have demonstrated an atypical approach one may take to browse throug... 2023-1-7 08:18:24 | 阅读: 38 | 收藏 | Hexacorn - www.hexacorn.com formulas b1 formatting security dates

Putting ELF on the shelf… In my last post I referred to something what I call “putting elf on the shelf”. The idea... 2023-1-3 08:20:48 | 阅读: 46 | 收藏 | Hexacorn - www.hexacorn.com xdbg windows roi stage reversing

A bunch of OLD-School RCE tricks… January 1, 2023 in Productivity, Reversing... 2023-1-1 08:44:53 | 阅读: 70 | 收藏 | Hexacorn - www.hexacorn.com memory debugger xdbg analysis windows

Beyond good ol’ Run key, Part 140 December 30, 2022 in Autostart (Persistence)... 2022-12-31 07:29:4 | 阅读: 27 | 收藏 | Hexacorn - www.hexacorn.com ol autostart oldie abused

How to be a good quitter? It is now. It is happening. You have finally submitted your resignation letter and y... 2022-12-15 08:12:54 | 阅读: 20 | 收藏 | Hexacorn - www.hexacorn.com employment dates electronic quit rsu

Marrying client-side Windows-based CryptEncrypt and server-side,Linux-based Crypt::OpenSSL::RSA Marrying client-side Windows-based CryptEncrypt and s... 2022-12-10 06:51:12 | 阅读: 26 | 收藏 | Hexacorn - www.hexacorn.com client windows googling crypt

The Future of SOC December 8, 2022 in Incident Response, SOC,... 2022-12-9 07:32:52 | 阅读: 27 | 收藏 | Hexacorn - www.hexacorn.com triage security regulated aas regional

Using make_sc_hash_db.py to create API hashing DBs December 3, 2022 in Malware Analysis... 2022-12-4 06:43:3 | 阅读: 32 | 收藏 | Hexacorn - www.hexacorn.com blown windows hashing analysis python