
Satyajit Daulaguphu
https://tech-zealots.com

Threat Lab

How To Quickly Extract Malicious Macros From Document & Triage Incident

By Satyajit Daulaguphu on Tuesday, December 10, 2019
Macro Enabled Doc

Ever received an incident where a user's machine got infected by a malicious attachment which he/she received in an email, and as an Incident Responder you suspect it of having a malicious macro that takes advantage of Windows' own legitimate tools like CMD and PowerShell, but are not sure how to quickly extract and analyze macros …

Threat Lab

Dissecting WannaCry Ransomware To Its Core – Technical Analysis

By Satyajit Daulaguphu on Sunday, November 24, 2019
WannaCry Decrypter

Hi readers! This is probably going to be my first technical post regarding the deep analysis of a malware sample. If you have followed my blog, you must be aware that most of my posts include building concepts related to malware analysis. However, I decided to take a break from that for a …

Malware Analysis

Understanding Concepts Of VA, RVA and Offset

By Satyajit Daulaguphu on Thursday, October 24, 2019
Virtual Addresses, Relative Virtual Address and Offsets

Before we proceed to the concept of the PE file format, which describes the internal structure of all Windows executable files, one should also know the concepts of Virtual Address (VA), Relative Virtual Address (RVA) and Offset, as these are the foundation for understanding the technical parts of the PE file format. …

Malware Analysis

A Journey Towards an Import Address Table (IAT) of an Executable File

By Satyajit Daulaguphu on Tuesday, August 27, 2019
Import Address Table

Earlier, I wrote a post on “Understanding PE Structure – The Layman’s Way” and this one is a continuation of that post. I highly recommend that my readers go through that post, where I have gone into detail on the PE file format, before jumping into this article. Since the earlier post was already too long …

Threat Lab

DeObfuscating #Emotet’s Malicious VBA Macro Like a Pro!!

By Satyajit Daulaguphu on Thursday, May 2, 2019
Emotet Macro Malware

For a very long time I had been thinking of writing an article, and then I received an email that contained an attachment with some sort of an invoice. The mail seemed legit but was suspicious, and I decided that it would be a good time to write up an article on how we can …

About The Author
Satyajit Daulaguphu

Security blogger and currently a Research Scientist at FireEye. He feels security is his daily cup of coffee.

© 2020 Tech Zealots. All rights reserved.