English
English Indonesia Türkçe Deutsch Español Português Pусский Français Italiano Nederlands Polski العربية ไทย Tiếng Việt 繁體中文 简体中文 日本語 한국어

#malwareanalysis search results

ShadowOpCode's profile picture. Malware analyst & reverse engineer 🧠 Threat intel on stealers, RATs, live campaigns 🕵️ Technical analysis. No buzzwords. 📍DM open for research collabs
ShadowOpCode
 @ShadowOpCode
Jul 26

🧵New: "From Pixels to Payloads" — We reverse-engineered a multi-stage .NET loader hiding Lumma Stealer in BMPs via stego trick: (255-R)^0x72. Donut Loader → C# Injector → Lumma in memory. 🧠👇 github.com/ShadowOpCode/S… #LummaStealer #Infosec #MalwareAnalysis #ThreatIntelligence

ShadowOpCode's tweet image. 🧵New: "From Pixels to Payloads" — We reverse-engineered a multi-stage .NET loader hiding Lumma Stealer in BMPs via stego trick: (255-R)^0x72. Donut Loader → C# Injector → Lumma in memory. 🧠👇 github.com/ShadowOpCode/S… #LummaStealer #Infosec #MalwareAnalysis #ThreatIntelligence
ShadowOpCode's tweet image. 🧵New: "From Pixels to Payloads" — We reverse-engineered a multi-stage .NET loader hiding Lumma Stealer in BMPs via stego trick: (255-R)^0x72. Donut Loader → C# Injector → Lumma in memory. 🧠👇 github.com/ShadowOpCode/S… #LummaStealer #Infosec #MalwareAnalysis #ThreatIntelligence
ShadowOpCode's tweet image. 🧵New: "From Pixels to Payloads" — We reverse-engineered a multi-stage .NET loader hiding Lumma Stealer in BMPs via stego trick: (255-R)^0x72. Donut Loader → C# Injector → Lumma in memory. 🧠👇 github.com/ShadowOpCode/S… #LummaStealer #Infosec #MalwareAnalysis #ThreatIntelligence
ShadowOpCode's tweet image. 🧵New: "From Pixels to Payloads" — We reverse-engineered a multi-stage .NET loader hiding Lumma Stealer in BMPs via stego trick: (255-R)^0x72. Donut Loader → C# Injector → Lumma in memory. 🧠👇 github.com/ShadowOpCode/S… #LummaStealer #Infosec #MalwareAnalysis #ThreatIntelligence
4
44
149
79
16K
PolySwarm's profile picture. A threat intelligence & detection community helping security teams detect new & emerging malware. Ticker: $NCT Join our Discord: https://t.co/AVknm1YZjh
PolySwarm 🇺🇸
 @PolySwarm
Nov 10

The PolySwarm ecosystem runs on a diverse set of independent engines, each with its own approach to detecting and classifying threats. Different perspectives. Shared intelligence. Better protection. #CyberSecurity #ThreatIntelligence #MalwareAnalysis #PolySwarm

3
8
18
0
1K
MalFuzzer's profile picture. Author of MAoS - Malware Analysis on Steroids & Antivirus Bypass Techniques | Cybersecurity Researcher | Keynote Speaker | Co-Founder @TrainSec Academy
Uriel Kosayev
@MalFuzzer
Oct 21

It’s finally here! 📦 Just received my own printed copies of MAoS – Malware Analysis on Steroids 🔥 There’s nothing like holding your work after months of writing, research, and late-night debugging. Get your copy here👉amazon.com/dp/B0FQDGZGZW #CyberSecurity #MalwareAnalysis

MalFuzzer's tweet image. It’s finally here! 📦 Just received my own printed copies of MAoS – Malware Analysis on Steroids 🔥 There’s nothing like holding your work after months of writing, research, and late-night debugging. Get your copy here👉amazon.com/dp/B0FQDGZGZW #CyberSecurity #MalwareAnalysis…
MalFuzzer's tweet image. It’s finally here! 📦 Just received my own printed copies of MAoS – Malware Analysis on Steroids 🔥 There’s nothing like holding your work after months of writing, research, and late-night debugging. Get your copy here👉amazon.com/dp/B0FQDGZGZW #CyberSecurity #MalwareAnalysis…
12
57
629
400
28K
clibm079's profile picture. Independent Malware Analyst & Researcher,Notes (Philosophy & Poetry) — The Path of Clarity & Poems of Malware Analysis. Blog: https://t.co/DJ3Wxn2OWS
clibm079
 @clibm079
Nov 6

Example: IDA + DIE — Decode XOR data directly in DIE’s data convertor. A fast workflow for efficient malware analysis. #MalwareAnalysis #XOR #ReverseEngineering #DIE #IDA

0
10
52
22
2K
PolySwarm's profile picture. A threat intelligence & detection community helping security teams detect new & emerging malware. Ticker: $NCT Join our Discord: https://t.co/AVknm1YZjh
PolySwarm 🇺🇸
 @PolySwarm
Nov 18

PolySwarm empowers security teams with private, scalable malware analysis and real-time intelligence, designed for today’s threat landscape. #CyberSecurity #ThreatIntelligence #MalwareAnalysis

PolySwarm's tweet image. PolySwarm empowers security teams with private, scalable malware analysis and real-time intelligence, designed for today’s threat landscape. #CyberSecurity #ThreatIntelligence #MalwareAnalysis
1
7
24
0
670
Ejokejohn's profile picture. https://t.co/PMNf5LGRFx (Ed) Computer Science || Cybersecurity Analyst || (CCST) || ISO/IEC 27001:2022 Associate || Cyber Threat Intelligence ||
Ejoke John Oghenekewe
 @Ejokejohn
Oct 3

Revisited my malware analysis project using FLARE VM and upgraded it with a custom YARA rule to hunt AgentTesla variants. Proud of how it turned out. Shoutout to @ireteeh and @Cyblackorg for this opportunity 🙂 #MalwareAnalysis #YARARules #Cybersecurity #ThreatHunting #FLAREVM

Ejokejohn's tweet image. Revisited my malware analysis project using FLARE VM and upgraded it with a custom YARA rule to hunt AgentTesla variants. Proud of how it turned out. Shoutout to @ireteeh and @Cyblackorg for this opportunity 🙂 #MalwareAnalysis #YARARules #Cybersecurity #ThreatHunting #FLAREVM
2
5
15
1
1K
hackdef's profile picture. Aim to provide world class security services and training
Hack Defender
 @hackdef
Oct 23

BAT & PowerShell: powerful admin tools — but attackers can abuse them. Follow for Part 2: how to detect & defend. Drop of the week youtu.be/j5PTyL9TFZA?si… #MalwareAnalysis #Cybersecurity #HackDef #script #training

0
3
6
1
288
hackdef's profile picture. Aim to provide world class security services and training
Hack Defender
 @hackdef
Nov 4

Malware hides behind layers of obfuscation. Most analysts slow down there. We don’t. 👊⚡️ #NeZa reveals runtime behavior, API activity, and memory artifacts fast — and you learn to do it hands-on. Train like a real defender, not a spectator. #MalwareAnalysis #DFIR #BlueTeam

0
1
3
0
219
_c0c0n_'s profile picture. c0c0n is a five day cyber security, data privacy and hacking conference conducted annually.
c0c0n2025
 @_c0c0n_
Oct 6

We’re excited to welcome Anmol Maurya, Staff Malware Reverse Engineer @ Palo Alto Networks, as he reveals how attackers leverage Go’s portability to target Mac & Linux—and why multi-OS defenses matter. #CyberSecurity #MalwareAnalysis #Infosec #ThreatResearch

_c0c0n_'s tweet image. We’re excited to welcome Anmol Maurya, Staff Malware Reverse Engineer @ Palo Alto Networks, as he reveals how attackers leverage Go’s portability to target Mac & Linux—and why multi-OS defenses matter. #CyberSecurity #MalwareAnalysis #Infosec #ThreatResearch
0
1
1
0
158
ReversingLabs's profile picture. ReversingLabs is the trusted name in file and software security. RL - Trust Delivered.
ReversingLabs
@ReversingLabs
Oct 21

RL ❤️ #YARArules! We've been writing them for years. Watch below to see how RL Spectra Analyze makes YARA seamless & powerful for the #SOC. #MalwareAnalysis

0
0
1
1
458
MalFuzzer's profile picture. Author of MAoS - Malware Analysis on Steroids & Antivirus Bypass Techniques | Cybersecurity Researcher | Keynote Speaker | Co-Founder @TrainSec Academy
Uriel Kosayev
@MalFuzzer
Sep 17

🔥 A week after release and thank God, MAoS – Malware Analysis on Steroids is officially a #1 Best Seller on Amazon! Get your copy today: amazon.com/gp/aw/d/B0FQDL… #CyberSecurity #MalwareAnalysis #ReverseEngineering #Infosec #MAoS #TrainSec #OffensiveSecurity #Malware

MalFuzzer's tweet image. 🔥 A week after release and thank God, MAoS – Malware Analysis on Steroids is officially a #1 Best Seller on Amazon! Get your copy today: amazon.com/gp/aw/d/B0FQDL… #CyberSecurity #MalwareAnalysis #ReverseEngineering #Infosec #MAoS #TrainSec #OffensiveSecurity #Malware
MalFuzzer's tweet image. 🔥 A week after release and thank God, MAoS – Malware Analysis on Steroids is officially a #1 Best Seller on Amazon! Get your copy today: amazon.com/gp/aw/d/B0FQDL… #CyberSecurity #MalwareAnalysis #ReverseEngineering #Infosec #MAoS #TrainSec #OffensiveSecurity #Malware
1
2
20
1
2K
moval0x1's profile picture. Reverse Engineering and Malware lover :)
Charles Lomboni
 @moval0x1
Oct 30

Hello! I just dropped a new article about an old but very up-to-date subject. Please let me know if you find anything incorrect or not well-explained. moval0x1.github.io/posts/the-peb-… #malwareanalysis #reverseengineering #malcat #x64dbg #pebwalk #shellcode

moval0x1.github.io

The PEB Walk Anatomy

Practical Techniques for Shellcode & Reversing

Source: moval0x1.github.io
2
20
65
41
5K
cyber5w's profile picture. The ART of #DFIR Training - #C5W
Cyber 5W
@cyber5w
Oct 2

Deep dive into CyberGate RAT! 🔬 We unpack this notorious Delphi malware, detail its process injection, persistence, and C2 communication Don't miss the full technical breakdown! Read the analysis: blog.cyber5w.com/cybergate-malw… #C5W #MalwareAnalysis #CyberGate #RAT #DFIR #InfoSec

cyber5w's tweet image. Deep dive into CyberGate RAT! 🔬 We unpack this notorious Delphi malware, detail its process injection, persistence, and C2 communication Don't miss the full technical breakdown! Read the analysis: blog.cyber5w.com/cybergate-malw… #C5W #MalwareAnalysis #CyberGate #RAT #DFIR #InfoSec…
0
2
2
0
206
ReversingLabs's profile picture. ReversingLabs is the trusted name in file and software security. RL - Trust Delivered.
ReversingLabs
@ReversingLabs
Oct 20

RL recently introduced significant updates to its #MalwareAnalysis & #ThreatHunting portfolio, adding new AI-driven & Kubernetes-ready capabilities. Join us this Friday to learn more: bit.ly/47pe4ff

ReversingLabs's tweet image. RL recently introduced significant updates to its #MalwareAnalysis & #ThreatHunting portfolio, adding new AI-driven & Kubernetes-ready capabilities. Join us this Friday to learn more: bit.ly/47pe4ff
0
0
1
0
241
marktsec46065's profile picture. 💫Threat Intel💫 Automation💫 Threat Analysis 💫OSINT💫 Testing 💫Network Security💫
marktsec
 @marktsec46065
Jul 7

🚨 New variant spotted: Matanbuchus 3.0 — a rebuilt malware loader advertised on underground forums. Features DNS/HTTPS C2, in-memory execution, reverse shell, morphing builds & multitenant panel. Price: $10K–$15K/month. Active threat. #CyberThreat #Infosec #MalwareAnalysis

marktsec46065's tweet image. 🚨 New variant spotted: Matanbuchus 3.0 — a rebuilt malware loader advertised on underground forums. Features DNS/HTTPS C2, in-memory execution, reverse shell, morphing builds & multitenant panel. Price: $10K–$15K/month. Active threat. #CyberThreat #Infosec #MalwareAnalysis
1
3
18
6
2K
Huntio's profile picture. https://t.co/9I6nRUiFjm is a service that provides threat intelligence data about observed network scanning and cyber attacks.
Hunt.io
@Huntio
Oct 22

🌐 Two months ago, we uncovered APT Sidewinder’s use of Netlify and Pages[.]dev hosting platforms to deploy phishing portals that impersonated government and defense agencies throughout South Asia. ⬇️ hunt.io/blog/apt-sidew… #MalwareAnalysis #SecurityResearch

Huntio's tweet card. APT Sidewinder targets South Asian government and military portals using Netlify-hosted phishing pages to harvest credentials. Learn more.
APT Sidewinder Abuses Netlify to Mimic Government and Military Portals in South Asia
Source: hunt.io
2
10
34
8
3K
MalFuzzer's profile picture. Author of MAoS - Malware Analysis on Steroids & Antivirus Bypass Techniques | Cybersecurity Researcher | Keynote Speaker | Co-Founder @TrainSec Academy
Uriel Kosayev
@MalFuzzer
Sep 1

Be prepared, the MAoS - Malware Analysis on Steroids book will be released in the following days 🔥😎 MAoS - Fighting malware to the death ⚔️ #CyberSecurity #MalwareAnalysis #ReverseEngineering #Infosec #MAoS #TrainSec #OffensiveSecurity #Malware

MalFuzzer's profile picture. Author of MAoS - Malware Analysis on Steroids & Antivirus Bypass Techniques | Cybersecurity Researcher | Keynote Speaker | Co-Founder @TrainSec Academy
Uriel Kosayev
@MalFuzzer
May 20

🚨 COMING SOON 🚨 After years of real-world malware dissections, offensive operations, and late-night reverse engineering battles, I'm finally putting it all into one place. 📘 MAoS – Malware Analysis on Steroids This isn't another theoretical guide. It's raw, practical, and…

MalFuzzer's tweet image. 🚨 COMING SOON 🚨 After years of real-world malware dissections, offensive operations, and late-night reverse engineering battles, I'm finally putting it all into one place. 📘 MAoS – Malware Analysis on Steroids This isn't another theoretical guide. It's raw, practical, and…
23
138
970
716
58K
13
7
74
45
5K
TweetThreatNews's profile picture. 🔍 ThreatResearch 📰 CybersecurityNews 🖥️ RansomMonitor 📂 Cyber Attack 📂 Data Breach 🎥 Youtube
Cybersecurity News Everyday
 @TweetThreatNews
2 h

Sekoia TDR leverages Assemblyline's staged pipeline and ConfigExtractor to automate malware config extraction, demonstrated on Kaiji IoT botnet. Uses YARA detection and Python decoding for C2:Port data. #IoTSecurity #MalwareAnalysis #Canada ift.tt/FXU0K2W

TweetThreatNews's tweet card. This article describes how Sekoia TDR uses the Assemblyline analysis pipeline and its ConfigExtractor service (backed by MACO) to automate extraction of malware configuration data, demonstrated with...
Advent of Configuration Extraction – Part 1: Pipeline Overview – First Steps with Kaiji Configura...
Source: hendryadrian.com
0
0
0
0
50
Precedence_R's profile picture. #PrecedenceResearch – Delivering global market intelligence, data-driven insights, and strategic consulting to empower Fortune companies and industry leaders.
Precedence Research
 @Precedence_R
11 h

The #malwareanalysis market is rising fast—valued at $6.94B in 2025 and projected to reach $16.46B by 2034 (CAGR 10.06%). With cyberattacks growing more sophisticated, demand for automated threat detection and real-time security intelligence is surging. precedenceresearch.com/malware-analys…

Precedence_R's tweet card. The global malware analysis market size is evaluated at USD 6.94 billion in 2025 and is predicted to hit around USD 16.46 billion by 2034, growing at a CAGR of 10.06%.
Malware Analysis Market Size to Hit USD 16.46 Billion by 2034
Source: precedenceresearch.com
0
0
0
0
17
Cyber_O51NT's profile picture. #OSINT treasure hunter, investigator, #CyberThreatIntel analyst. Opinions are my own. Follow me on Telegram https://t.co/i6VBbeUXgd for cyber news.
Cyber_OSINT
 @Cyber_O51NT
Nov 28

WithSecure's STINGR Group has released a detailed analysis of TangleCrypt, a sophisticated yet buggy Windows malware packer, found in a ransomware attack, outlining its unpacking process and implementation flaws. #CyberSecurity #MalwareAnalysis labs.withsecure.com/publications/t…

1
9
21
2
2K
ox0ffff's profile picture. Politics is the mind killer. Hacker - Cybersecurity Specialist. Helping small businesses avoid cyber threats | Practical security habits | New thread every week
0x0fff
@ox0ffff
Nov 27

2/8 Instant Risk Scoring: Get 0-100 security scores in seconds! The tool automatically detects: Packed malware (UPX unpacking built-in) Suspicious imports & API patterns Future timestamps & fake signatures 186+ embedded URLs & IP addresses #MalwareAnalysis #ThreatDetection

0
0
0
0
14
K7CyberSecurity's profile picture. K7 Cyber Security is a global pioneer in cyber security with over 30 years’ expertise in the industry. For more https://t.co/CzBR0ylQGd
K7 Cyber Security
 @K7CyberSecurity
Nov 27

Attackers are getting smarter, using signed Microsoft binaries to hide their tracks. Our latest analysis reveals how a hidden Python fragment injects into cvtres.exe to evade detection. Get the full technical breakdown here labs.k7computing.com/index.php/mask… #CyberSecurity #MalwareAnalysis

K7CyberSecurity's tweet card. During a routine analysis at K7 Labs, we encountered a Python-based malware sample that uses multi-stage obfuscation. The de-obfuscated result […]
Masked in Memory: A Hidden .PYC fragment utilises cvtres.exe to communicate with C&C
Source: labs.k7computing.com
0
0
0
0
27
teffyantonelita's profile picture. Gorda ciberseguridad 💻 | EL OJO que todo lo ve | AVE MILLER 🦅 | IT Consultant y fundamentalista de Star Wars
Antonela E. Arenas
@teffyantonelita
Nov 26

Ofuscar = ganar tiempo. Mientras vos peleás con el rompecabezas, el malware se instala. #MalwareAnalysis #CyberDefense #IngenieriaInversa

1
0
3
0
62
harry_creation's profile picture. Aspiring Cyber Security Researcher👤 | Security Engineer @RenaultGroup
Foxy_Proxy
@harry_creation
Nov 26

Silent Exfilteration : Sha1-Hulud: The Second Coming. The rise of modern software supply chains has accelerated rapidly—and with it, a new wave of highly sophisticated, often invisible cyberattacks. #SupplyChainAttack #MalwareAnalysis #Sha1Hulud CC: @malwarehuntslab

harry_creation's tweet image. Silent Exfilteration : Sha1-Hulud: The Second Coming. The rise of modern software supply chains has accelerated rapidly—and with it, a new wave of highly sophisticated, often invisible cyberattacks. #SupplyChainAttack #MalwareAnalysis #Sha1Hulud CC: @malwarehuntslab
1
0
2
0
458
MalFuzzer's profile picture. Author of MAoS - Malware Analysis on Steroids & Antivirus Bypass Techniques | Cybersecurity Researcher | Keynote Speaker | Co-Founder @TrainSec Academy
Uriel Kosayev
@MalFuzzer
Nov 26

🚀 MAoS just hit 1,000 reads on ResearchGate! Grateful to see researchers and security professionals diving into the book and using it in real-world work. More research and deep-dive content coming soon. 📖 amazon.com/dp/B0FQDGZGZW #CyberSecurity #MalwareAnalysis

MalFuzzer's tweet image. 🚀 MAoS just hit 1,000 reads on ResearchGate! Grateful to see researchers and security professionals diving into the book and using it in real-world work. More research and deep-dive content coming soon. 📖 amazon.com/dp/B0FQDGZGZW #CyberSecurity #MalwareAnalysis…
0
0
5
2
516
Mshoraty's profile picture. مجموعة عمل مشوراتي - فريق الأخبار https://t.co/ujyL3xkMJj
Mshoraty | مشوراتي
 @Mshoraty
Nov 25

مستوى متقدم من التخفي البرمجية لا تُكتب على القرص الصلب، بل تعمل من الذاكرة فقط — ما يجعل اكتشافها عبر برامج الحماية التقليدية صعبًا للغاية. كما تستخدم خوارزميات XOR لتشفير الأوامر وإخفاء أنشطتها عن أدوات المراقبة الأمنية. #InfoSec #MalwareAnalysis

1
0
1
0
15
DC3DCISE's profile picture. Official X account of the U.S. DoD-Defense Industrial Base Collaborative Information Sharing Environment (DCISE)
DC3 DCISE
 @DC3DCISE
Nov 25

🚨 New Python-based WhatsApp worm spreading via malicious links. Visit @TheHackersNews for more details #MalwareAnalysis #Python #WhatsApp

1
1
1
0
649
707_Roi's profile picture. SOC Analyst | Threat Hunter & Incident Responder | Exploring AI/ML in Security & Engineering | SAL1 Certified | Harvard Aspire '25
Rwotolara Innocent
 @707_Roi
Nov 24

Malware Classification on @TryHackMe taught me to identify and categorize threats, from adware and spyware to ransomware, wipers, and keyloggers. Understanding malware families and attack patterns sharpens threat detection skills. #SOC #BlueTeam #MalwareAnalysis

707_Roi's tweet image. Malware Classification on @TryHackMe taught me to identify and categorize threats, from adware and spyware to ransomware, wipers, and keyloggers. Understanding malware families and attack patterns sharpens threat detection skills. #SOC #BlueTeam #MalwareAnalysis
0
0
2
0
60
TweetThreatNews's profile picture. 🔍 ThreatResearch 📰 CybersecurityNews 🖥️ RansomMonitor 📂 Cyber Attack 📂 Data Breach 🎥 Youtube
Cybersecurity News Everyday
 @TweetThreatNews
Nov 24

A new .NET steganographic loader disguises as a business document, hiding Lokibot payloads in images, enabling credential theft, code injection, and persistence via scheduled tasks. #Lokibot #Steganography #MalwareAnalysis ift.tt/VT0U1XO

TweetThreatNews's tweet card. Splunk Threat Research Team analyzed a new .NET steganographic loader variant that decrypts and loads a container module at runtime to hide two image-embedded stagers, one of which yielded a Lokibot...
Lokibot Credential Stealer
Source: hendryadrian.com
0
0
1
0
117
PolySwarm's profile picture. A threat intelligence & detection community helping security teams detect new & emerging malware. Ticker: $NCT Join our Discord: https://t.co/AVknm1YZjh
PolySwarm 🇺🇸
 @PolySwarm
Nov 21

Real-world adoption drives ecosystem strength. PolySwarm’s malware intelligence platform is now powering threat detection across enterprise and ISAC networks. #CyberSecurity #ThreatIntelligence #MalwareAnalysis #InfoSec #EnterpriseSecurity

PolySwarm's tweet image. Real-world adoption drives ecosystem strength. PolySwarm’s malware intelligence platform is now powering threat detection across enterprise and ISAC networks. #CyberSecurity #ThreatIntelligence #MalwareAnalysis #InfoSec #EnterpriseSecurity
1
1
12
0
636
RohitVishw54326's profile picture.
Rohit Vishwakarma
 @RohitVishw54326
Nov 21

✅ Completed the REMnux: Getting Started lab on @TryHackMe! Learned the fundamentals of malware analysis & reverse engineering using REMnux 🔍#CyberSecurity #TryHackMe #MalwareAnalysis #BlueTeam @anand114bug @CyberMindSpace @rikki59845

RohitVishw54326's tweet image. ✅ Completed the REMnux: Getting Started lab on @TryHackMe! Learned the fundamentals of malware analysis & reverse engineering using REMnux 🔍#CyberSecurity #TryHackMe #MalwareAnalysis #BlueTeam @anand114bug @CyberMindSpace @rikki59845
0
0
0
0
24
Cyber_O51NT's profile picture. #OSINT treasure hunter, investigator, #CyberThreatIntel analyst. Opinions are my own. Follow me on Telegram https://t.co/i6VBbeUXgd for cyber news.
Cyber_OSINT
 @Cyber_O51NT
Nov 21

An analysis report reveals that malware mimicking a popular Korean delivery service employs advanced obfuscation and packing techniques to evade AV detection, with AI technology enhancing its distribution methods. #CyberSecurity #MalwareAnalysis asec.ahnlab.com/en/91176/

Cyber_O51NT's tweet card. Analysis Report on AI-Based Obfuscated Malicious Apps Using Compromised Legitimate Websites as C2 Servers ASEC
Analysis Report on AI-Based Obfuscated Malicious Apps Using Compromised Legitimate Websites as C2...
Source: asec.ahnlab.com
0
7
15
4
2K
RohitVishw54326's profile picture.
Rohit Vishwakarma
 @RohitVishw54326
Nov 21

Just completed TryHackMe’s “CAPA: The Basics”! Leveling up my malware analysis skills—one flag at a time 🔍💻 #TryHackMe #CyberSecurity #MalwareAnalysis @anand114bug @CyberMindSpace @rikki59845

RohitVishw54326's tweet image. Just completed TryHackMe’s “CAPA: The Basics”! Leveling up my malware analysis skills—one flag at a time 🔍💻 #TryHackMe #CyberSecurity #MalwareAnalysis @anand114bug @CyberMindSpace @rikki59845
0
0
0
0
25
ShadowOpCode's profile picture. Malware analyst & reverse engineer 🧠 Threat intel on stealers, RATs, live campaigns 🕵️ Technical analysis. No buzzwords. 📍DM open for research collabs
ShadowOpCode
 @ShadowOpCode
Jul 26

🧵New: "From Pixels to Payloads" — We reverse-engineered a multi-stage .NET loader hiding Lumma Stealer in BMPs via stego trick: (255-R)^0x72. Donut Loader → C# Injector → Lumma in memory. 🧠👇 github.com/ShadowOpCode/S… #LummaStealer #Infosec #MalwareAnalysis #ThreatIntelligence

ShadowOpCode's tweet image. 🧵New: "From Pixels to Payloads" — We reverse-engineered a multi-stage .NET loader hiding Lumma Stealer in BMPs via stego trick: (255-R)^0x72. Donut Loader → C# Injector → Lumma in memory. 🧠👇 github.com/ShadowOpCode/S… #LummaStealer #Infosec #MalwareAnalysis #ThreatIntelligence
ShadowOpCode's tweet image. 🧵New: "From Pixels to Payloads" — We reverse-engineered a multi-stage .NET loader hiding Lumma Stealer in BMPs via stego trick: (255-R)^0x72. Donut Loader → C# Injector → Lumma in memory. 🧠👇 github.com/ShadowOpCode/S… #LummaStealer #Infosec #MalwareAnalysis #ThreatIntelligence
ShadowOpCode's tweet image. 🧵New: "From Pixels to Payloads" — We reverse-engineered a multi-stage .NET loader hiding Lumma Stealer in BMPs via stego trick: (255-R)^0x72. Donut Loader → C# Injector → Lumma in memory. 🧠👇 github.com/ShadowOpCode/S… #LummaStealer #Infosec #MalwareAnalysis #ThreatIntelligence
ShadowOpCode's tweet image. 🧵New: "From Pixels to Payloads" — We reverse-engineered a multi-stage .NET loader hiding Lumma Stealer in BMPs via stego trick: (255-R)^0x72. Donut Loader → C# Injector → Lumma in memory. 🧠👇 github.com/ShadowOpCode/S… #LummaStealer #Infosec #MalwareAnalysis #ThreatIntelligence
4
44
149
79
16K
embee_research's profile picture. Security Researcher, Creating and Sharing Educational Content.
Matthew
@embee_research
Jun 9, 2024

CyberChef Tips - Creating and Accessing Variables #CyberChef has a little known "registers" operation that allows you to create and reference values later on in your analysis. [1/2] #malware #malwareanalysis

embee_research's tweet image. CyberChef Tips - Creating and Accessing Variables #CyberChef has a little known "registers" operation that allows you to create and reference values later on in your analysis. [1/2] #malware #malwareanalysis
embee_research's tweet image. CyberChef Tips - Creating and Accessing Variables #CyberChef has a little known "registers" operation that allows you to create and reference values later on in your analysis. [1/2] #malware #malwareanalysis
embee_research's tweet image. CyberChef Tips - Creating and Accessing Variables #CyberChef has a little known "registers" operation that allows you to create and reference values later on in your analysis. [1/2] #malware #malwareanalysis
embee_research's tweet image. CyberChef Tips - Creating and Accessing Variables #CyberChef has a little known "registers" operation that allows you to create and reference values later on in your analysis. [1/2] #malware #malwareanalysis
2
31
120
58
10K
embee_research's profile picture. Security Researcher, Creating and Sharing Educational Content.
Matthew
@embee_research
Jan 2, 2024

🔥Lumma Stealer - Manually Unpacking and Extracting C2's 🔥 Let's analyse a Lumma malware sample and manually unpack it with Dnspy and x32dbg. We'll then leverage Ghidra and x32dbg to locate and decrypt four C2 addresses. [1/24] 🖊️ #Malwareanalysis #Ghidra

embee_research's tweet image. 🔥Lumma Stealer - Manually Unpacking and Extracting C2's 🔥 Let's analyse a Lumma malware sample and manually unpack it with Dnspy and x32dbg. We'll then leverage Ghidra and x32dbg to locate and decrypt four C2 addresses. [1/24] 🖊️ #Malwareanalysis #Ghidra
embee_research's tweet image. 🔥Lumma Stealer - Manually Unpacking and Extracting C2's 🔥 Let's analyse a Lumma malware sample and manually unpack it with Dnspy and x32dbg. We'll then leverage Ghidra and x32dbg to locate and decrypt four C2 addresses. [1/24] 🖊️ #Malwareanalysis #Ghidra
embee_research's tweet image. 🔥Lumma Stealer - Manually Unpacking and Extracting C2's 🔥 Let's analyse a Lumma malware sample and manually unpack it with Dnspy and x32dbg. We'll then leverage Ghidra and x32dbg to locate and decrypt four C2 addresses. [1/24] 🖊️ #Malwareanalysis #Ghidra
embee_research's tweet image. 🔥Lumma Stealer - Manually Unpacking and Extracting C2's 🔥 Let's analyse a Lumma malware sample and manually unpack it with Dnspy and x32dbg. We'll then leverage Ghidra and x32dbg to locate and decrypt four C2 addresses. [1/24] 🖊️ #Malwareanalysis #Ghidra
4
74
275
150
27K
MalFuzzer's profile picture. Author of MAoS - Malware Analysis on Steroids & Antivirus Bypass Techniques | Cybersecurity Researcher | Keynote Speaker | Co-Founder @TrainSec Academy
Uriel Kosayev
@MalFuzzer
Oct 21

It’s finally here! 📦 Just received my own printed copies of MAoS – Malware Analysis on Steroids 🔥 There’s nothing like holding your work after months of writing, research, and late-night debugging. Get your copy here👉amazon.com/dp/B0FQDGZGZW #CyberSecurity #MalwareAnalysis

MalFuzzer's tweet image. It’s finally here! 📦 Just received my own printed copies of MAoS – Malware Analysis on Steroids 🔥 There’s nothing like holding your work after months of writing, research, and late-night debugging. Get your copy here👉amazon.com/dp/B0FQDGZGZW #CyberSecurity #MalwareAnalysis…
MalFuzzer's tweet image. It’s finally here! 📦 Just received my own printed copies of MAoS – Malware Analysis on Steroids 🔥 There’s nothing like holding your work after months of writing, research, and late-night debugging. Get your copy here👉amazon.com/dp/B0FQDGZGZW #CyberSecurity #MalwareAnalysis…
12
57
629
400
28K
marktsec46065's profile picture. 💫Threat Intel💫 Automation💫 Threat Analysis 💫OSINT💫 Testing 💫Network Security💫
marktsec
 @marktsec46065
Jul 7

🚨 New variant spotted: Matanbuchus 3.0 — a rebuilt malware loader advertised on underground forums. Features DNS/HTTPS C2, in-memory execution, reverse shell, morphing builds & multitenant panel. Price: $10K–$15K/month. Active threat. #CyberThreat #Infosec #MalwareAnalysis

marktsec46065's tweet image. 🚨 New variant spotted: Matanbuchus 3.0 — a rebuilt malware loader advertised on underground forums. Features DNS/HTTPS C2, in-memory execution, reverse shell, morphing builds & multitenant panel. Price: $10K–$15K/month. Active threat. #CyberThreat #Infosec #MalwareAnalysis
1
3
18
6
2K
harry_creation's profile picture. Aspiring Cyber Security Researcher👤 | Security Engineer @RenaultGroup
Foxy_Proxy
@harry_creation
Nov 26

Silent Exfilteration : Sha1-Hulud: The Second Coming. The rise of modern software supply chains has accelerated rapidly—and with it, a new wave of highly sophisticated, often invisible cyberattacks. #SupplyChainAttack #MalwareAnalysis #Sha1Hulud CC: @malwarehuntslab

harry_creation's tweet image. Silent Exfilteration : Sha1-Hulud: The Second Coming. The rise of modern software supply chains has accelerated rapidly—and with it, a new wave of highly sophisticated, often invisible cyberattacks. #SupplyChainAttack #MalwareAnalysis #Sha1Hulud CC: @malwarehuntslab
1
0
2
0
458
d4rksystem's profile picture. Threat Research @proofpoint | Author of "Evasive Malware" @nostarch | Talks about cybercrime, threat intel, and malware stuff.
Kyle Cucci
 @d4rksystem
Sep 24, 2024

In one of the #MalwareAnalysis communities I’m in, we were talking about Go malware. Someone mentioned CAPA as a good tool. I have to say, it’s really helpful for finding the 50kb of interesting code buried inside a 5mb Go binary 😎What other tools do you use?

d4rksystem's tweet image. In one of the #MalwareAnalysis communities I’m in, we were talking about Go malware. Someone mentioned CAPA as a good tool. I have to say, it’s really helpful for finding the 50kb of interesting code buried inside a 5mb Go binary 😎What other tools do you use?
9
27
126
71
17K
PolySwarm's profile picture. A threat intelligence & detection community helping security teams detect new & emerging malware. Ticker: $NCT Join our Discord: https://t.co/AVknm1YZjh
PolySwarm 🇺🇸
 @PolySwarm
Nov 18

PolySwarm empowers security teams with private, scalable malware analysis and real-time intelligence, designed for today’s threat landscape. #CyberSecurity #ThreatIntelligence #MalwareAnalysis

PolySwarm's tweet image. PolySwarm empowers security teams with private, scalable malware analysis and real-time intelligence, designed for today’s threat landscape. #CyberSecurity #ThreatIntelligence #MalwareAnalysis
1
7
24
0
670
Ejokejohn's profile picture. https://t.co/PMNf5LGRFx (Ed) Computer Science || Cybersecurity Analyst || (CCST) || ISO/IEC 27001:2022 Associate || Cyber Threat Intelligence ||
Ejoke John Oghenekewe
 @Ejokejohn
Oct 3

Revisited my malware analysis project using FLARE VM and upgraded it with a custom YARA rule to hunt AgentTesla variants. Proud of how it turned out. Shoutout to @ireteeh and @Cyblackorg for this opportunity 🙂 #MalwareAnalysis #YARARules #Cybersecurity #ThreatHunting #FLAREVM

Ejokejohn's tweet image. Revisited my malware analysis project using FLARE VM and upgraded it with a custom YARA rule to hunt AgentTesla variants. Proud of how it turned out. Shoutout to @ireteeh and @Cyblackorg for this opportunity 🙂 #MalwareAnalysis #YARARules #Cybersecurity #ThreatHunting #FLAREVM
2
5
15
1
1K
8kSec's profile picture. Offensive Security Trainings and Services. OnDemand Mobile Security Courses - https://t.co/B8Q31o3o8q Follow us on Linkedin https://t.co/Td3Ww1uMgt
8kSec
@8kSec
Apr 30

🦠💻Explore Part 2 of our Windows Malware blog series on process injections: 8ksec.io/dissecting-win… 📈Ready to sharpen your skills? Browse our courses here: academy.8ksec.io/course/practic… #MalwareAnalysis #Windows #ReverseEngineering

8kSec's tweet image. 🦠💻Explore Part 2 of our Windows Malware blog series on process injections: 8ksec.io/dissecting-win… 📈Ready to sharpen your skills? Browse our courses here: academy.8ksec.io/course/practic… #MalwareAnalysis #Windows #ReverseEngineering
0
4
10
4
463
anyrun_app's profile picture. Empowering businesses with proactive security solutions: Interactive Sandbox, TI Lookup and Feeds. Sign up: https://t.co/8hIX0Qh5ME
ANY.RUN
@anyrun_app
May 14, 2024

Meme time! 🤭 Been there, done that‍ 😳 #malwareanalysis #malware #SOC #cybersecurity

anyrun_app's tweet image. Meme time! 🤭 Been there, done that‍ 😳 #malwareanalysis #malware #SOC #cybersecurity
0
2
12
0
1K
MalFuzzer's profile picture. Author of MAoS - Malware Analysis on Steroids & Antivirus Bypass Techniques | Cybersecurity Researcher | Keynote Speaker | Co-Founder @TrainSec Academy
Uriel Kosayev
@MalFuzzer
Sep 17

🔥 A week after release and thank God, MAoS – Malware Analysis on Steroids is officially a #1 Best Seller on Amazon! Get your copy today: amazon.com/gp/aw/d/B0FQDL… #CyberSecurity #MalwareAnalysis #ReverseEngineering #Infosec #MAoS #TrainSec #OffensiveSecurity #Malware

MalFuzzer's tweet image. 🔥 A week after release and thank God, MAoS – Malware Analysis on Steroids is officially a #1 Best Seller on Amazon! Get your copy today: amazon.com/gp/aw/d/B0FQDL… #CyberSecurity #MalwareAnalysis #ReverseEngineering #Infosec #MAoS #TrainSec #OffensiveSecurity #Malware
MalFuzzer's tweet image. 🔥 A week after release and thank God, MAoS – Malware Analysis on Steroids is officially a #1 Best Seller on Amazon! Get your copy today: amazon.com/gp/aw/d/B0FQDL… #CyberSecurity #MalwareAnalysis #ReverseEngineering #Infosec #MAoS #TrainSec #OffensiveSecurity #Malware
1
2
20
1
2K
MalFuzzer's profile picture. Author of MAoS - Malware Analysis on Steroids & Antivirus Bypass Techniques | Cybersecurity Researcher | Keynote Speaker | Co-Founder @TrainSec Academy
Uriel Kosayev
@MalFuzzer
Jan 8

Always fun to get such messages on my malware analysis courses 🚀🔥 #malwareanalysis #cybersecurity

MalFuzzer's tweet image. Always fun to get such messages on my malware analysis courses 🚀🔥 #malwareanalysis #cybersecurity
0
1
3
0
358
cyberfeeddigest's profile picture. I deliver daily #DarkWeb ,#DeepWeb and #CTI feeds,and a bit of geopolitical clashes #Darkweb #Deepweb #Ransomware #Malware #Databreach #CTI #ThreatIntel
darkweb-deepwebfeed
 @cyberfeeddigest
Jan 17

🔍 #Opendir Alert! 📂 Target: ⚠️ hxxps://m[.]bureaux[.]fr/ 📄 Sample Files: Advanced IP Scanner.exe AnyDesk.exe AnyDesk.apk ⚡ Repository contains .apk & .exe files. Handle with caution! 🛡️ 🎯 Potential resource for malware analysts. #CyberSecurity #MalwareAnalysis

cyberfeeddigest's tweet image. 🔍 #Opendir Alert! 📂 Target: ⚠️ hxxps://m[.]bureaux[.]fr/ 📄 Sample Files: Advanced IP Scanner.exe AnyDesk.exe AnyDesk.apk ⚡ Repository contains .apk & .exe files. Handle with caution! 🛡️ 🎯 Potential resource for malware analysts. #CyberSecurity #MalwareAnalysis…
6
3
27
7
2K
8kSec's profile picture. Offensive Security Trainings and Services. OnDemand Mobile Security Courses - https://t.co/B8Q31o3o8q Follow us on Linkedin https://t.co/Td3Ww1uMgt
8kSec
@8kSec
May 5

🦠💻Discover three key ways malware leverages data encoding to evade detection: 8ksec.io/dissecting-win… 📈Want to deepen your expertise? Explore our courses here: academy.8ksec.io/course/practic… #MalwareAnalysis #Windows #ReverseEngineering

8kSec's tweet image. 🦠💻Discover three key ways malware leverages data encoding to evade detection: 8ksec.io/dissecting-win… 📈Want to deepen your expertise? Explore our courses here: academy.8ksec.io/course/practic… #MalwareAnalysis #Windows #ReverseEngineering
0
3
8
2
509
0xor0ne's profile picture. | CyberSecurity | Reverse Engineering | C and Rust | Exploit | Linux kernel | PhD | My Tweets, My Opinions :) |
0xor0ne
@0xor0ne
May 4, 2024

FLARE floss applied to all unpacked+dumped samples in Malpedia Nice project by Daniel Plohmann (@push_pnx) Blog post: danielplohmann.github.io/blog/2024/03/0… Github repo: github.com/malpedia/malpe… #malwareanalysis #infosec

0xor0ne's tweet image. FLARE floss applied to all unpacked+dumped samples in Malpedia Nice project by Daniel Plohmann (@push_pnx) Blog post: danielplohmann.github.io/blog/2024/03/0… Github repo: github.com/malpedia/malpe… #malwareanalysis #infosec
0xor0ne's tweet image. FLARE floss applied to all unpacked+dumped samples in Malpedia Nice project by Daniel Plohmann (@push_pnx) Blog post: danielplohmann.github.io/blog/2024/03/0… Github repo: github.com/malpedia/malpe… #malwareanalysis #infosec
2
28
143
48
11K

Something went wrong.


Something went wrong.


United States Trends