Category Archives: Shellcode

Digging deep into Recent Angler Exploit kit Fileless delivery

Recently ThreatGlass released a PCAP related to the Angler Exploit kit from wira-ku.com. Looking into this shows that Angler EK has changed its obfuscation techniques to load its dropper from the exploit server. Let's dig into this. The initial dropper is downloaded before …

Posted in Exploit, Exploit Kit, Malware, Malware Analyzer, Shellcode, Windows

Windows Process name hashes – List 1


Posted in Malware, Malware Analyzer, Reversing, Shellcode, Windows

Shellcode Detection Tool

Recently I got a chance to visit a link that was sent by one of my friends. It claims to detect shellcode in a file. So I decided to look into it because the original author didn't share any technical …

Posted in Reversing, Shellcode