Malware Analysis

by Anurag


VirusTotal — SHA-256 — 7c3e2a38dcacc3246409151ecdf283814611a8f9d98ed0e5996fb2615adc2cc2. I pulled the request for the malware sample from Malshare for analysis and renamed the file with a .exe extension. Tools I used: OllyDbg, Wireshark, PE Explorer. I downloaded the malware sample, opened it in PE Explorer, and found resource information. Before I start debugging, I extracted the malware executable file using 7-zip. There were …



I had emailed a recruiter last year for a job opportunity. He reverted back a year later with an attachment; it was encrypted, and a password was provided. I unzipped it and looked for the properties of the Word document. I analysed the file using Oletools and the result showed it as a suspicious file. I found the value (“1jwe7d7n1544”) in the Macro code …
