Malware and cryptography 35: encrypt payload via Treyfer algorithm. Simple C example. 8 minute read ﷽
Malware and cryptography 33: encrypt payload via Lucifer algorithm. Simple C example. 20 minute read ﷽
Malware and cryptography 32: encrypt payload via FEAL-8 algorithm. Simple C example. 10 minute read ﷽
Malware development: persistence - part 26. Microsoft Edge - part 1. Simple C example. 3 minute read ﷽
Malware development: persistence - part 25. Create symlink from legit to evil. Simple C example. 8 minute read ﷽
Malware development trick 42: Stealing data via legit Discord Bot API. Simple C example. 5 minute read ﷽
Malware development trick 41: Stealing data via legit VirusTotal API. Simple C example. 6 minute read ﷽
Malware development trick 40: Stealing data via legit Telegram API. Simple C example. 6 minute read ﷽
Malware development trick 38: Hunting RWX - part 2. Target process investigation tricks. Simple C/C++ example. 9 minute read ﷽
Malware and cryptography 26: encrypt/decrypt payload via SAFER. Simple C/C++ example. 6 minute read ﷽
Malware development trick - part 37: Enumerate process modules via VirtualQueryEx. Simple C++ example. 4 minute read ﷽
Malware and cryptography 20: encrypt/decrypt payload via Skipjack. Simple C++ example. 13 minute read ﷽
Malware development trick - part 35: Store payload in alternate data streams. Simple C++ example. 3 minute read ﷽
Malware development trick - part 34: Find PID via WTSEnumerateProcesses. Simple C++ example. 5 minute read ﷽
Malware AV/VM evasion - part 18: encrypt/decrypt payload via modular multiplication-based block cipher. Simple C++ example. 8 minute read ﷽
Malware development trick - part 30: Find PID via NtGetNextProcess. Simple C++ example. 5 minute read ﷽
Malware development trick - part 29: Store binary data in registry. Simple C++ example. 7 minute read ﷽
Malware development trick - part 27: WinAPI LoadLibrary implementation. Simple C++ example. 2 minute read ﷽
Malware AV/VM evasion - part 16: WinAPI GetProcAddress implementation. Simple C++ example. 5 minute read ﷽
Malware AV/VM evasion - part 15: WinAPI GetModuleHandle implementation. Simple C++ example. 5 minute read ﷽
Malware AV/VM evasion - part 14: encrypt/decrypt payload via A5/1. Bypass Kaspersky AV. Simple C++ example. 21 minute read ﷽
Malware AV/VM evasion - part 13: encrypt/decrypt payload via Madryga. Simple C++ example. 6 minute read ﷽
Malware AV/VM evasion - part 12: encrypt/decrypt payload via TEA. Simple C++ example. 10 minute read ﷽
Malware analysis: part 8. Yara rule example for MurmurHash2. MurmurHash2 in Conti ransomware 5 minute read ﷽
Malware development: persistence - part 21. Recycle Bin, My Documents COM extension handler. Simple C++ example. 3 minute read ﷽
Malware development: persistence - part 20. UserInitMprLogonScript (Logon Script). Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 19. Disk Cleanup Utility. Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 18. Windows Error Reporting. Simple C++ example. 3 minute read ﷽
Malware development: persistence - part 16. Cryptography Registry Keys. Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 14. Event Viewer help link. Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 13. Hijacking uninstall logic for application. Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 12. Accessibility Features. Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 10. Using Image File Execution Options. Simple C++ example. 4 minute read ﷽
Malware development: persistence - part 9. Default file extension hijacking. Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 6. Windows netsh helper DLL. Simple C++ example. 2 minute read ﷽
Malware and cryptography 35: encrypt payload via Treyfer algorithm. Simple C example. 8 minute read ﷽
Malware and cryptography 33: encrypt payload via Lucifer algorithm. Simple C example. 20 minute read ﷽
Malware and cryptography 32: encrypt payload via FEAL-8 algorithm. Simple C example. 10 minute read ﷽
Malware development: persistence - part 26. Microsoft Edge - part 1. Simple C example. 3 minute read ﷽
Malware development: persistence - part 25. Create symlink from legit to evil. Simple C example. 8 minute read ﷽
Malware development trick 42: Stealing data via legit Discord Bot API. Simple C example. 5 minute read ﷽
Malware development trick 41: Stealing data via legit VirusTotal API. Simple C example. 6 minute read ﷽
Malware development trick 40: Stealing data via legit Telegram API. Simple C example. 6 minute read ﷽
Malware development trick 38: Hunting RWX - part 2. Target process investigation tricks. Simple C/C++ example. 9 minute read ﷽
Malware and cryptography 26: encrypt/decrypt payload via SAFER. Simple C/C++ example. 6 minute read ﷽
Malware development trick - part 37: Enumerate process modules via VirtualQueryEx. Simple C++ example. 4 minute read ﷽
Malware and cryptography 20: encrypt/decrypt payload via Skipjack. Simple C++ example. 13 minute read ﷽
Malware development trick - part 35: Store payload in alternate data streams. Simple C++ example. 3 minute read ﷽
Malware development trick - part 34: Find PID via WTSEnumerateProcesses. Simple C++ example. 5 minute read ﷽
Malware AV/VM evasion - part 18: encrypt/decrypt payload via modular multiplication-based block cipher. Simple C++ example. 8 minute read ﷽
Malware development trick - part 30: Find PID via NtGetNextProcess. Simple C++ example. 5 minute read ﷽
Malware development trick - part 29: Store binary data in registry. Simple C++ example. 7 minute read ﷽
Malware development trick - part 27: WinAPI LoadLibrary implementation. Simple C++ example. 2 minute read ﷽
Malware AV/VM evasion - part 16: WinAPI GetProcAddress implementation. Simple C++ example. 5 minute read ﷽
Malware AV/VM evasion - part 15: WinAPI GetModuleHandle implementation. Simple C++ example. 5 minute read ﷽
Malware AV/VM evasion - part 14: encrypt/decrypt payload via A5/1. Bypass Kaspersky AV. Simple C++ example. 21 minute read ﷽
Malware AV/VM evasion - part 13: encrypt/decrypt payload via Madryga. Simple C++ example. 6 minute read ﷽
Malware AV/VM evasion - part 12: encrypt/decrypt payload via TEA. Simple C++ example. 10 minute read ﷽
Malware development: persistence - part 21. Recycle Bin, My Documents COM extension handler. Simple C++ example. 3 minute read ﷽
Malware development: persistence - part 20. UserInitMprLogonScript (Logon Script). Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 19. Disk Cleanup Utility. Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 18. Windows Error Reporting. Simple C++ example. 3 minute read ﷽
Malware development: persistence - part 16. Cryptography Registry Keys. Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 14. Event Viewer help link. Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 13. Hijacking uninstall logic for application. Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 12. Accessibility Features. Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 10. Using Image File Execution Options. Simple C++ example. 4 minute read ﷽
Malware development: persistence - part 9. Default file extension hijacking. Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 6. Windows netsh helper DLL. Simple C++ example. 2 minute read ﷽
Malware and cryptography 35: encrypt payload via Treyfer algorithm. Simple C example. 8 minute read ﷽
Malware and cryptography 33: encrypt payload via Lucifer algorithm. Simple C example. 20 minute read ﷽
Malware and cryptography 32: encrypt payload via FEAL-8 algorithm. Simple C example. 10 minute read ﷽
Malware development: persistence - part 26. Microsoft Edge - part 1. Simple C example. 3 minute read ﷽
Malware development: persistence - part 25. Create symlink from legit to evil. Simple C example. 8 minute read ﷽
Malware development trick 42: Stealing data via legit Discord Bot API. Simple C example. 5 minute read ﷽
Malware development trick 41: Stealing data via legit VirusTotal API. Simple C example. 6 minute read ﷽
Malware development trick 40: Stealing data via legit Telegram API. Simple C example. 6 minute read ﷽
Malware development trick 38: Hunting RWX - part 2. Target process investigation tricks. Simple C/C++ example. 9 minute read ﷽
Malware and cryptography 26: encrypt/decrypt payload via SAFER. Simple C/C++ example. 6 minute read ﷽
Malware development trick - part 37: Enumerate process modules via VirtualQueryEx. Simple C++ example. 4 minute read ﷽
Malware and cryptography 20: encrypt/decrypt payload via Skipjack. Simple C++ example. 13 minute read ﷽
Malware development trick - part 35: Store payload in alternate data streams. Simple C++ example. 3 minute read ﷽
Malware development trick - part 34: Find PID via WTSEnumerateProcesses. Simple C++ example. 5 minute read ﷽
Malware AV/VM evasion - part 18: encrypt/decrypt payload via modular multiplication-based block cipher. Simple C++ example. 8 minute read ﷽
Malware development trick - part 30: Find PID via NtGetNextProcess. Simple C++ example. 5 minute read ﷽
Malware development trick - part 29: Store binary data in registry. Simple C++ example. 7 minute read ﷽
Malware development trick - part 27: WinAPI LoadLibrary implementation. Simple C++ example. 2 minute read ﷽
Malware AV/VM evasion - part 16: WinAPI GetProcAddress implementation. Simple C++ example. 5 minute read ﷽
Malware AV/VM evasion - part 15: WinAPI GetModuleHandle implementation. Simple C++ example. 5 minute read ﷽
Malware AV/VM evasion - part 14: encrypt/decrypt payload via A5/1. Bypass Kaspersky AV. Simple C++ example. 21 minute read ﷽
Malware AV/VM evasion - part 13: encrypt/decrypt payload via Madryga. Simple C++ example. 6 minute read ﷽
Malware AV/VM evasion - part 12: encrypt/decrypt payload via TEA. Simple C++ example. 10 minute read ﷽
Malware analysis: part 8. Yara rule example for MurmurHash2. MurmurHash2 in Conti ransomware 5 minute read ﷽
Malware development: persistence - part 21. Recycle Bin, My Documents COM extension handler. Simple C++ example. 3 minute read ﷽
Malware development: persistence - part 20. UserInitMprLogonScript (Logon Script). Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 19. Disk Cleanup Utility. Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 18. Windows Error Reporting. Simple C++ example. 3 minute read ﷽
Malware development: persistence - part 16. Cryptography Registry Keys. Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 14. Event Viewer help link. Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 13. Hijacking uninstall logic for application. Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 12. Accessibility Features. Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 10. Using Image File Execution Options. Simple C++ example. 4 minute read ﷽
Malware development: persistence - part 9. Default file extension hijacking. Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 6. Windows netsh helper DLL. Simple C++ example. 2 minute read ﷽
Malware and cryptography 35: encrypt payload via Treyfer algorithm. Simple C example. 8 minute read ﷽
Malware and cryptography 33: encrypt payload via Lucifer algorithm. Simple C example. 20 minute read ﷽
Malware and cryptography 32: encrypt payload via FEAL-8 algorithm. Simple C example. 10 minute read ﷽
Malware development: persistence - part 26. Microsoft Edge - part 1. Simple C example. 3 minute read ﷽
Malware development: persistence - part 25. Create symlink from legit to evil. Simple C example. 8 minute read ﷽
Malware development trick 42: Stealing data via legit Discord Bot API. Simple C example. 5 minute read ﷽
Malware development trick 41: Stealing data via legit VirusTotal API. Simple C example. 6 minute read ﷽
Malware development trick 40: Stealing data via legit Telegram API. Simple C example. 6 minute read ﷽
Malware development trick 38: Hunting RWX - part 2. Target process investigation tricks. Simple C/C++ example. 9 minute read ﷽
Malware and cryptography 26: encrypt/decrypt payload via SAFER. Simple C/C++ example. 6 minute read ﷽
Malware development trick - part 37: Enumerate process modules via VirtualQueryEx. Simple C++ example. 4 minute read ﷽
Malware and cryptography 20: encrypt/decrypt payload via Skipjack. Simple C++ example. 13 minute read ﷽
Malware development trick - part 35: Store payload in alternate data streams. Simple C++ example. 3 minute read ﷽
Malware development trick - part 34: Find PID via WTSEnumerateProcesses. Simple C++ example. 5 minute read ﷽
Malware AV/VM evasion - part 18: encrypt/decrypt payload via modular multiplication-based block cipher. Simple C++ example. 8 minute read ﷽
Malware development trick - part 30: Find PID via NtGetNextProcess. Simple C++ example. 5 minute read ﷽
Malware development trick - part 29: Store binary data in registry. Simple C++ example. 7 minute read ﷽
Malware development trick - part 27: WinAPI LoadLibrary implementation. Simple C++ example. 2 minute read ﷽
Malware AV/VM evasion - part 16: WinAPI GetProcAddress implementation. Simple C++ example. 5 minute read ﷽
Malware AV/VM evasion - part 15: WinAPI GetModuleHandle implementation. Simple C++ example. 5 minute read ﷽
Malware AV/VM evasion - part 14: encrypt/decrypt payload via A5/1. Bypass Kaspersky AV. Simple C++ example. 21 minute read ﷽
Malware AV/VM evasion - part 13: encrypt/decrypt payload via Madryga. Simple C++ example. 6 minute read ﷽
Malware AV/VM evasion - part 12: encrypt/decrypt payload via TEA. Simple C++ example. 10 minute read ﷽
Malware analysis: part 8. Yara rule example for MurmurHash2. MurmurHash2 in Conti ransomware 5 minute read ﷽
Malware development: persistence - part 21. Recycle Bin, My Documents COM extension handler. Simple C++ example. 3 minute read ﷽
Malware development: persistence - part 20. UserInitMprLogonScript (Logon Script). Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 19. Disk Cleanup Utility. Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 18. Windows Error Reporting. Simple C++ example. 3 minute read ﷽
Malware development: persistence - part 16. Cryptography Registry Keys. Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 14. Event Viewer help link. Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 13. Hijacking uninstall logic for application. Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 12. Accessibility Features. Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 10. Using Image File Execution Options. Simple C++ example. 4 minute read ﷽
Malware development: persistence - part 9. Default file extension hijacking. Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 6. Windows netsh helper DLL. Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 26. Microsoft Edge - part 1. Simple C example. 3 minute read ﷽
Malware development: persistence - part 25. Create symlink from legit to evil. Simple C example. 8 minute read ﷽
Malware development: persistence - part 21. Recycle Bin, My Documents COM extension handler. Simple C++ example. 3 minute read ﷽
Malware development: persistence - part 20. UserInitMprLogonScript (Logon Script). Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 19. Disk Cleanup Utility. Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 18. Windows Error Reporting. Simple C++ example. 3 minute read ﷽
Malware development: persistence - part 16. Cryptography Registry Keys. Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 14. Event Viewer help link. Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 13. Hijacking uninstall logic for application. Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 12. Accessibility Features. Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 10. Using Image File Execution Options. Simple C++ example. 4 minute read ﷽
Malware development: persistence - part 9. Default file extension hijacking. Simple C++ example. 2 minute read ﷽
Malware development: persistence - part 6. Windows netsh helper DLL. Simple C++ example. 2 minute read ﷽
Malware and cryptography 20: encrypt/decrypt payload via Skipjack. Simple C++ example. 13 minute read ﷽
Malware AV/VM evasion - part 18: encrypt/decrypt payload via modular multiplication-based block cipher. Simple C++ example. 8 minute read ﷽
Malware development trick - part 27: WinAPI LoadLibrary implementation. Simple C++ example. 2 minute read ﷽
Malware AV/VM evasion - part 16: WinAPI GetProcAddress implementation. Simple C++ example. 5 minute read ﷽
Malware AV/VM evasion - part 15: WinAPI GetModuleHandle implementation. Simple C++ example. 5 minute read ﷽
Malware AV/VM evasion - part 14: encrypt/decrypt payload via A5/1. Bypass Kaspersky AV. Simple C++ example. 21 minute read ﷽
Malware AV/VM evasion - part 13: encrypt/decrypt payload via Madryga. Simple C++ example. 6 minute read ﷽
Malware AV/VM evasion - part 12: encrypt/decrypt payload via TEA. Simple C++ example. 10 minute read ﷽
Malware and cryptography 35: encrypt payload via Treyfer algorithm. Simple C example. 8 minute read ﷽
Malware and cryptography 33: encrypt payload via Lucifer algorithm. Simple C example. 20 minute read ﷽
Malware and cryptography 32: encrypt payload via FEAL-8 algorithm. Simple C example. 10 minute read ﷽
Malware development trick 38: Hunting RWX - part 2. Target process investigation tricks. Simple C/C++ example. 9 minute read ﷽
Malware and cryptography 26: encrypt/decrypt payload via SAFER. Simple C/C++ example. 6 minute read ﷽
Malware development trick - part 37: Enumerate process modules via VirtualQueryEx. Simple C++ example. 4 minute read ﷽
Malware analysis: part 8. Yara rule example for MurmurHash2. MurmurHash2 in Conti ransomware 5 minute read ﷽
Malware analysis: part 8. Yara rule example for MurmurHash2. MurmurHash2 in Conti ransomware 5 minute read ﷽
Malware and cryptography 35: encrypt payload via Treyfer algorithm. Simple C example. 8 minute read ﷽
Malware and cryptography 33: encrypt payload via Lucifer algorithm. Simple C example. 20 minute read ﷽
Malware and cryptography 32: encrypt payload via FEAL-8 algorithm. Simple C example. 10 minute read ﷽
Malware development trick 42: Stealing data via legit Discord Bot API. Simple C example. 5 minute read ﷽
Malware development trick 41: Stealing data via legit VirusTotal API. Simple C example. 6 minute read ﷽
Malware development trick 40: Stealing data via legit Telegram API. Simple C example. 6 minute read ﷽