Lost in Security (and mostly everything else)
Tag: De-obfuscation

2022-02-13 Breaking out the WD40! First Stage Downloader For Remcos RAT

Herbie Zimmerman | February 15, 2022 | February 14, 2022 | Code | De-obfuscation, Deobfuscating Code, Remcos

Yeah, this picture sums it up very nicely for me… It has been a while since I have played with any malware or tried to RE a script of some sort. So here goes nothing… This post will cover the downloader script from a Remcos maldoc that I was playing…

2018-09-18 Emotet maldocs labeled as “Invoices”

Herbie Zimmerman | September 22, 2018 | September 22, 2018 | Code, Packet Analysis | De-obfuscation, Emotet

Looking through the email filters on the 18th of September, I managed to find a small batch of Emotet emails from the same sender. The emails themselves tried to spoof email addresses, but Outlook ended up displaying both emails (the spoof and the true sender). Looking through the small…