Malware Analysis – Mahyar Notes

very simple modifications to a Meterpreter shellcode dropper can be sufficient to bypass modern EDRs

May 17, 2023 Forensics and Security, Malware Analysis, metasploit, Penetration Comments Off on very simple modifications to a Meterpreter shellcode dropper can be sufficient to bypass modern EDRs

Introduction When I talk about EDRs in this article, I mean a combination of endpoint protection (EPP) and endpoint detection and response (EDR). I also want to define the term “evasion” in the context of EDRs and malware. When I talk about the fact that it is or has been …

Incident Response Playbooks and Workflows

May 8, 2023 Forensics and Security, Malware Analysis Comments Off on Incident Response Playbooks and Workflows

Incident-Response-Playbooks-and-workflows-1Download

Malicious Document Analysis [Episode 1]

March 26, 2022 Forensics and Security, Malware Analysis Comments Off on Malicious Document Analysis [Episode 1]

Before starting the analysis, I’m going to use the following environment and tools: REMnux: https://docs.remnux.org/install-distro/get-virtual-appliance Didier Stevens Suite:https://blog.didierstevens.com/didier-stevens-suite/ Malwoverview:https://github.com/alexandreborges/malwoverview Furthermore, it’s always recommended to install Oletools # python -m pip install -U oletools All three tools above are usually installed on REMnux by default. However, if you are using Ubuntu …