├── .devcontainer.json ├── .gitattributes ├── .github ├── ISSUE_TEMPLATE │ └── upgrade.md └── workflows │ ├── check_cdns.yaml │ ├── check_config.yaml │ ├── ci.yaml │ ├── docker-nbdev.yaml │ ├── gh-page.yaml │ └── upgrade.yaml ├── .gitignore ├── CNAME ├── Gemfile ├── LICENSE ├── Makefile ├── README.md ├── _action_files ├── Dockerfile ├── __init__.py ├── action.yml ├── action_entrypoint.sh ├── check_js.sh ├── fast_template.py ├── fastpages-jekyll.Dockerfile ├── fastpages.tpl ├── hide.tpl ├── nb2post.py ├── parse_netlify.py ├── pr_comment.sh ├── settings.ini ├── word2post.py ├── word2post.sh └── word_front_matter.txt ├── _config.yml ├── _fastpages_docs ├── CONTRIBUTING.md ├── DEVELOPMENT.md ├── NOTEBOOK_FOOTNOTES.md ├── README_TEMPLATE.md ├── TROUBLESHOOTING.md ├── UPGRADE.md ├── _checkbox.png ├── _manual_setup.md ├── _paginate.png ├── _post_tags.png ├── _setup_pr_template.md ├── _show_image_true.png ├── _upgrade_pr.md ├── annotate.png ├── enable_actions.png ├── fastapges-setup.gif ├── highlight_dracula.png ├── highlight_original.png ├── upgrade_step1.png ├── upgrade_step2.png ├── upgrade_step3.png └── version.txt ├── _includes ├── alert.html ├── custom-head.html ├── favicons.html ├── google-analytics.html ├── head.html ├── image-r ├── image.html ├── important.html ├── info.html ├── note.html ├── notebook_binder_link.html ├── notebook_colab_link.html ├── notebook_deepnote_link.html ├── notebook_github_link.html ├── post_list.html ├── post_list_image_card.html ├── reading_time.html ├── screenshot ├── tip.html ├── toc.html ├── twitter.html ├── utterances.html ├── video.html ├── warning.html └── youtube.html ├── _layouts ├── categories.html ├── home.html ├── notebook.html └── post.html ├── _notebooks ├── .gitignore ├── .virtual_documents │ ├── 2024-07-07-zharkbot.ipynb │ ├── 2024-08-26-python-hunting.ipynb │ ├── 2024-09-02-zharkbot-config.ipynb │ └── Untitled.ipynb ├── 2021-05-31-warzone_rat_config.ipynb ├── 2021-06-27-python3_examples.ipynb ├── 2021-07-14-dot_net_static_analysis.ipynb ├── 2021-07-26-python3_reversing_tips.ipynb ├── 2021-09-27-squirrelwaffle.ipynb ├── 2021-10-04-hancitor.ipynb ├── 2021-10-08-darkside_ransomware.ipynb ├── 2021-10-28-blackmatter_ransomware.ipynb ├── 2021-10-30-blackmatter_ransomware_v3.ipynb ├── 2021-11-05-blackmatter_ransomware_esxi.ipynb ├── 2021-11-18-emotet.ipynb ├── 2021-11-30-dridex_loader.ipynb ├── 2021-12-22-qakbot.ipynb ├── 2022-01-06-nightsky_ransomware.ipynb ├── 2022-01-20-whisper_gate.ipynb ├── 2022-01-27-hackingteam_soldier.ipynb ├── 2022-01-30-jupyter_stealer.ipynb ├── 2022-02-20-polyglot_dropper_ghost.ipynb ├── 2022-02-27-hermetic_wiper.ipynb ├── 2022-03-03-conti_ransomware_source.ipynb ├── 2022-03-10-hermetic_wizard.ipynb ├── 2022-03-16-blackcat_ransomware.ipynb ├── 2022-03-19-pandora_ransomware.ipynb ├── 2022-03-26-angr_notes.ipynb ├── 2022-04-06-emotet_deobfuscation.ipynb ├── 2022-04-13-symbolic_execution_basics.ipynb ├── 2022-04-20-emotet_deobfuscation_generic.ipynb ├── 2022-04-30-emotet_x64.ipynb ├── 2022-05-03-syscall_reversing.ipynb ├── 2022-05-06-MagniberRansomware.ipynb ├── 2022-05-12-bumblebee_loader.ipynb ├── 2022-05-19-emotet_x64_emulation.ipynb ├── 2022-05-26-does-entropy-matter.ipynb ├── 2022-05-29-traige-amadey-loader.ipynb ├── 2022-06-09-cobaltstrike.ipynb ├── 2022-06-12-downloader-triage.ipynb ├── 2022-06-16-diceloader.ipynb ├── 2022-06-19-matanbuchus-triage.ipynb ├── 2022-07-07-lockbit3.ipynb ├── 2022-08-25-smokeloader.ipynb ├── 2022-09-04-dbatloader.ipynb ├── 2022-09-08-privateloader.ipynb ├── 2022-09-18-clipboard-hijacker.ipynb ├── 2022-10-06-isfb.ipynb ├── 2022-10-09-icarus.ipynb ├── 2022-10-13-threat_intel_simple_bot_tracker.ipynb ├── 2022-10-20-bitrat.ipynb ├── 2022-11-06-cpp_stl.ipynb ├── 2022-11-13-amadey.ipynb ├── 2022-11-17-agenttesla.ipynb ├── 2022-11-20-tofsee.ipynb ├── 2022-11-24-powershell-shellcode.ipynb ├── 2022-11-27-laplace.ipynb ├── 2022-12-01-titan_stealer.ipynb ├── 2022-12-11-brute-ratel.ipynb ├── 2022-12-16-guloader.ipynb ├── 2023-01-15-dumpulator-veh.ipynb ├── 2023-01-19-rhadamanthys.ipynb ├── 2023-02-09-yara-megaprimer.ipynb ├── 2023-02-16-soulsearcher-worm.ipynb ├── 2023-02-26-pikabot.ipynb ├── 2023-03-12-qvoid-stealer.ipynb ├── 2023-03-15-healer-avkiller.ipynb ├── 2023-03-16-cryptbot.ipynb ├── 2023-03-19-onenote.ipynb ├── 2023-03-30-3cx-malware.ipynb ├── 2023-04-02-aresloader.ipynb ├── 2023-04-06-photoloader.ipynb ├── 2023-04-13-quasar-chaos.ipynb ├── 2023-04-16-xorstringsnet.ipynb ├── 2023-04-20-cryptnet.ipynb ├── 2023-04-23-in2al5dp3in4er.ipynb ├── 2023-04-30-satacom.ipynb ├── 2023-05-07-streala.ipynb ├── 2023-05-11-metastealer.ipynb ├── 2023-05-28-amsifun.ipynb ├── 2023-06-15-risepro.ipynb ├── 2023-06-25-xorstr.ipynb ├── 2023-07-02-multichain-delivery.ipynb ├── 2023-07-06-status-recorder.ipynb ├── 2023-07-13-truebot.ipynb ├── 2023-07-16-lobshot.ipynb ├── 2023-07-20-rootteam.ipynb ├── 2023-07-24-gupteba.ipynb ├── 2023-07-31-bandit-garble.ipynb ├── 2023-08-03-garble.ipynb ├── 2023-08-17-limerat.ipynb ├── 2023-08-27-attack-crypter.ipynb ├── 2023-09-03-stack-strings.ipynb ├── 2023-10-01-mystic_stealer.ipynb ├── 2023-10-08-advobfuscator.ipynb ├── 2023-10-15-ExtendedADVDecryption.ipynb ├── 2023-10-22-origin-logger.ipynb ├── 2023-10-29-sparkrat.ipynb ├── 2023-11-05-live-ledger.ipynb ├── 2023-11-12-new-pikabot.ipynb ├── 2023-11-19-new-pikabot-strings.ipynb ├── 2023-12-04-danabot.ipynb ├── 2023-12-17-danabot-core.ipynb ├── 2024-01-07-into-to-vms.ipynb ├── 2024-01-21-vmzeus-disassembler.ipynb ├── 2024-03-03-lua-malware.ipynb ├── 2024-03-17-new-gcleaner.ipynb ├── 2024-04-07-lumma-cff.ipynb ├── 2024-04-28-cosmu.ipynb ├── 2024-05-12-python-malware.ipynb ├── 2024-07-07-zharkbot.ipynb ├── 2024-07-12-emulating-themida.ipynb ├── 2024-08-26-python-hunting.ipynb ├── 2024-09-02-zharkbot-config.ipynb ├── 2024-09-11-cred-flusher.ipynb ├── 2024-09-16-emmenhtal.ipynb ├── 2024-09-30-latrodectus.ipynb ├── 2024-11-21-spectre-ops.ipynb └── 2024-12-06-cryptbot2.ipynb ├── _pages ├── 404.html └── tags.html ├── _plugins ├── footnote-detail.rb └── footnote.rb ├── _posts ├── .gitignore └── README.md ├── _sass └── minima │ ├── custom-styles.scss │ ├── custom-variables.scss │ ├── dark-mode.scss │ ├── fastpages-dracula-highlight.scss │ └── fastpages-styles.scss ├── _word └── README.md ├── assets ├── badges │ ├── binder.svg │ ├── colab.svg │ ├── deepnote.svg │ └── github.svg └── js │ ├── search-data.json │ ├── search.js │ └── vendor │ └── lunr.min.js ├── docker-compose.yml ├── images ├── chart-preview.png ├── copied_from_nb │ └── README.md ├── diagram.png ├── favicon.ico └── logo.png └── index.html /.devcontainer.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/.devcontainer.json -------------------------------------------------------------------------------- /.gitattributes: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/.gitattributes -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/upgrade.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/.github/ISSUE_TEMPLATE/upgrade.md -------------------------------------------------------------------------------- /.github/workflows/check_cdns.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/.github/workflows/check_cdns.yaml -------------------------------------------------------------------------------- /.github/workflows/check_config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/.github/workflows/check_config.yaml -------------------------------------------------------------------------------- /.github/workflows/ci.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/.github/workflows/ci.yaml -------------------------------------------------------------------------------- /.github/workflows/docker-nbdev.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/.github/workflows/docker-nbdev.yaml -------------------------------------------------------------------------------- /.github/workflows/gh-page.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/.github/workflows/gh-page.yaml -------------------------------------------------------------------------------- /.github/workflows/upgrade.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/.github/workflows/upgrade.yaml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/.gitignore -------------------------------------------------------------------------------- /CNAME: -------------------------------------------------------------------------------- 1 | research.openanalysis.net 2 | -------------------------------------------------------------------------------- /Gemfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/Gemfile -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/LICENSE -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/Makefile -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/README.md -------------------------------------------------------------------------------- /_action_files/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_action_files/Dockerfile -------------------------------------------------------------------------------- /_action_files/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /_action_files/action.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_action_files/action.yml -------------------------------------------------------------------------------- /_action_files/action_entrypoint.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_action_files/action_entrypoint.sh -------------------------------------------------------------------------------- /_action_files/check_js.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_action_files/check_js.sh -------------------------------------------------------------------------------- /_action_files/fast_template.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_action_files/fast_template.py -------------------------------------------------------------------------------- /_action_files/fastpages-jekyll.Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_action_files/fastpages-jekyll.Dockerfile -------------------------------------------------------------------------------- /_action_files/fastpages.tpl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_action_files/fastpages.tpl -------------------------------------------------------------------------------- /_action_files/hide.tpl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_action_files/hide.tpl -------------------------------------------------------------------------------- /_action_files/nb2post.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_action_files/nb2post.py -------------------------------------------------------------------------------- /_action_files/parse_netlify.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_action_files/parse_netlify.py -------------------------------------------------------------------------------- /_action_files/pr_comment.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_action_files/pr_comment.sh -------------------------------------------------------------------------------- /_action_files/settings.ini: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_action_files/settings.ini -------------------------------------------------------------------------------- /_action_files/word2post.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_action_files/word2post.py -------------------------------------------------------------------------------- /_action_files/word2post.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_action_files/word2post.sh -------------------------------------------------------------------------------- /_action_files/word_front_matter.txt: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | --- 4 | -------------------------------------------------------------------------------- /_config.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_config.yml -------------------------------------------------------------------------------- /_fastpages_docs/CONTRIBUTING.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_fastpages_docs/CONTRIBUTING.md -------------------------------------------------------------------------------- /_fastpages_docs/DEVELOPMENT.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_fastpages_docs/DEVELOPMENT.md -------------------------------------------------------------------------------- /_fastpages_docs/NOTEBOOK_FOOTNOTES.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_fastpages_docs/NOTEBOOK_FOOTNOTES.md -------------------------------------------------------------------------------- /_fastpages_docs/README_TEMPLATE.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_fastpages_docs/README_TEMPLATE.md -------------------------------------------------------------------------------- /_fastpages_docs/TROUBLESHOOTING.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_fastpages_docs/TROUBLESHOOTING.md -------------------------------------------------------------------------------- /_fastpages_docs/UPGRADE.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_fastpages_docs/UPGRADE.md -------------------------------------------------------------------------------- /_fastpages_docs/_checkbox.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_fastpages_docs/_checkbox.png -------------------------------------------------------------------------------- /_fastpages_docs/_manual_setup.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_fastpages_docs/_manual_setup.md -------------------------------------------------------------------------------- /_fastpages_docs/_paginate.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_fastpages_docs/_paginate.png -------------------------------------------------------------------------------- /_fastpages_docs/_post_tags.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_fastpages_docs/_post_tags.png -------------------------------------------------------------------------------- /_fastpages_docs/_setup_pr_template.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_fastpages_docs/_setup_pr_template.md -------------------------------------------------------------------------------- /_fastpages_docs/_show_image_true.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_fastpages_docs/_show_image_true.png -------------------------------------------------------------------------------- /_fastpages_docs/_upgrade_pr.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_fastpages_docs/_upgrade_pr.md -------------------------------------------------------------------------------- /_fastpages_docs/annotate.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_fastpages_docs/annotate.png -------------------------------------------------------------------------------- /_fastpages_docs/enable_actions.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_fastpages_docs/enable_actions.png -------------------------------------------------------------------------------- /_fastpages_docs/fastapges-setup.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_fastpages_docs/fastapges-setup.gif -------------------------------------------------------------------------------- /_fastpages_docs/highlight_dracula.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_fastpages_docs/highlight_dracula.png -------------------------------------------------------------------------------- /_fastpages_docs/highlight_original.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_fastpages_docs/highlight_original.png -------------------------------------------------------------------------------- /_fastpages_docs/upgrade_step1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_fastpages_docs/upgrade_step1.png -------------------------------------------------------------------------------- /_fastpages_docs/upgrade_step2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_fastpages_docs/upgrade_step2.png -------------------------------------------------------------------------------- /_fastpages_docs/upgrade_step3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_fastpages_docs/upgrade_step3.png -------------------------------------------------------------------------------- /_fastpages_docs/version.txt: -------------------------------------------------------------------------------- 1 | 2.1.48 2 | -------------------------------------------------------------------------------- /_includes/alert.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_includes/alert.html -------------------------------------------------------------------------------- /_includes/custom-head.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_includes/custom-head.html -------------------------------------------------------------------------------- /_includes/favicons.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_includes/favicons.html -------------------------------------------------------------------------------- /_includes/google-analytics.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_includes/google-analytics.html -------------------------------------------------------------------------------- /_includes/head.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_includes/head.html -------------------------------------------------------------------------------- /_includes/image-r: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_includes/image-r -------------------------------------------------------------------------------- /_includes/image.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_includes/image.html -------------------------------------------------------------------------------- /_includes/important.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_includes/important.html -------------------------------------------------------------------------------- /_includes/info.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_includes/info.html -------------------------------------------------------------------------------- /_includes/note.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_includes/note.html -------------------------------------------------------------------------------- /_includes/notebook_binder_link.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_includes/notebook_binder_link.html -------------------------------------------------------------------------------- /_includes/notebook_colab_link.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_includes/notebook_colab_link.html -------------------------------------------------------------------------------- /_includes/notebook_deepnote_link.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_includes/notebook_deepnote_link.html -------------------------------------------------------------------------------- /_includes/notebook_github_link.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_includes/notebook_github_link.html -------------------------------------------------------------------------------- /_includes/post_list.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_includes/post_list.html -------------------------------------------------------------------------------- /_includes/post_list_image_card.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_includes/post_list_image_card.html -------------------------------------------------------------------------------- /_includes/reading_time.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_includes/reading_time.html -------------------------------------------------------------------------------- /_includes/screenshot: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_includes/screenshot -------------------------------------------------------------------------------- /_includes/tip.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_includes/tip.html -------------------------------------------------------------------------------- /_includes/toc.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_includes/toc.html -------------------------------------------------------------------------------- /_includes/twitter.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_includes/twitter.html -------------------------------------------------------------------------------- /_includes/utterances.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_includes/utterances.html -------------------------------------------------------------------------------- /_includes/video.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_includes/video.html -------------------------------------------------------------------------------- /_includes/warning.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_includes/warning.html -------------------------------------------------------------------------------- /_includes/youtube.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_includes/youtube.html -------------------------------------------------------------------------------- /_layouts/categories.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_layouts/categories.html -------------------------------------------------------------------------------- /_layouts/home.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_layouts/home.html -------------------------------------------------------------------------------- /_layouts/notebook.html: -------------------------------------------------------------------------------- 1 | --- 2 | layout: post 3 | --- 4 | 5 | {{ content }} 6 | -------------------------------------------------------------------------------- /_layouts/post.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_layouts/post.html -------------------------------------------------------------------------------- /_notebooks/.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/.gitignore -------------------------------------------------------------------------------- /_notebooks/.virtual_documents/2024-07-07-zharkbot.ipynb: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /_notebooks/.virtual_documents/2024-08-26-python-hunting.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/.virtual_documents/2024-08-26-python-hunting.ipynb -------------------------------------------------------------------------------- /_notebooks/.virtual_documents/2024-09-02-zharkbot-config.ipynb: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /_notebooks/.virtual_documents/Untitled.ipynb: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /_notebooks/2021-05-31-warzone_rat_config.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2021-05-31-warzone_rat_config.ipynb -------------------------------------------------------------------------------- /_notebooks/2021-06-27-python3_examples.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2021-06-27-python3_examples.ipynb -------------------------------------------------------------------------------- /_notebooks/2021-07-14-dot_net_static_analysis.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2021-07-14-dot_net_static_analysis.ipynb -------------------------------------------------------------------------------- /_notebooks/2021-07-26-python3_reversing_tips.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2021-07-26-python3_reversing_tips.ipynb -------------------------------------------------------------------------------- /_notebooks/2021-09-27-squirrelwaffle.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2021-09-27-squirrelwaffle.ipynb -------------------------------------------------------------------------------- /_notebooks/2021-10-04-hancitor.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2021-10-04-hancitor.ipynb -------------------------------------------------------------------------------- /_notebooks/2021-10-08-darkside_ransomware.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2021-10-08-darkside_ransomware.ipynb -------------------------------------------------------------------------------- /_notebooks/2021-10-28-blackmatter_ransomware.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2021-10-28-blackmatter_ransomware.ipynb -------------------------------------------------------------------------------- /_notebooks/2021-10-30-blackmatter_ransomware_v3.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2021-10-30-blackmatter_ransomware_v3.ipynb -------------------------------------------------------------------------------- /_notebooks/2021-11-05-blackmatter_ransomware_esxi.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2021-11-05-blackmatter_ransomware_esxi.ipynb -------------------------------------------------------------------------------- /_notebooks/2021-11-18-emotet.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2021-11-18-emotet.ipynb -------------------------------------------------------------------------------- /_notebooks/2021-11-30-dridex_loader.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2021-11-30-dridex_loader.ipynb -------------------------------------------------------------------------------- /_notebooks/2021-12-22-qakbot.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2021-12-22-qakbot.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-01-06-nightsky_ransomware.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-01-06-nightsky_ransomware.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-01-20-whisper_gate.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-01-20-whisper_gate.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-01-27-hackingteam_soldier.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-01-27-hackingteam_soldier.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-01-30-jupyter_stealer.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-01-30-jupyter_stealer.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-02-20-polyglot_dropper_ghost.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-02-20-polyglot_dropper_ghost.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-02-27-hermetic_wiper.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-02-27-hermetic_wiper.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-03-03-conti_ransomware_source.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-03-03-conti_ransomware_source.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-03-10-hermetic_wizard.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-03-10-hermetic_wizard.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-03-16-blackcat_ransomware.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-03-16-blackcat_ransomware.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-03-19-pandora_ransomware.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-03-19-pandora_ransomware.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-03-26-angr_notes.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-03-26-angr_notes.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-04-06-emotet_deobfuscation.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-04-06-emotet_deobfuscation.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-04-13-symbolic_execution_basics.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-04-13-symbolic_execution_basics.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-04-20-emotet_deobfuscation_generic.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-04-20-emotet_deobfuscation_generic.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-04-30-emotet_x64.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-04-30-emotet_x64.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-05-03-syscall_reversing.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-05-03-syscall_reversing.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-05-06-MagniberRansomware.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-05-06-MagniberRansomware.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-05-12-bumblebee_loader.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-05-12-bumblebee_loader.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-05-19-emotet_x64_emulation.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-05-19-emotet_x64_emulation.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-05-26-does-entropy-matter.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-05-26-does-entropy-matter.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-05-29-traige-amadey-loader.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-05-29-traige-amadey-loader.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-06-09-cobaltstrike.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-06-09-cobaltstrike.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-06-12-downloader-triage.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-06-12-downloader-triage.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-06-16-diceloader.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-06-16-diceloader.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-06-19-matanbuchus-triage.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-06-19-matanbuchus-triage.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-07-07-lockbit3.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-07-07-lockbit3.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-08-25-smokeloader.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-08-25-smokeloader.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-09-04-dbatloader.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-09-04-dbatloader.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-09-08-privateloader.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-09-08-privateloader.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-09-18-clipboard-hijacker.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-09-18-clipboard-hijacker.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-10-06-isfb.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-10-06-isfb.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-10-09-icarus.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-10-09-icarus.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-10-13-threat_intel_simple_bot_tracker.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-10-13-threat_intel_simple_bot_tracker.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-10-20-bitrat.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-10-20-bitrat.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-11-06-cpp_stl.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-11-06-cpp_stl.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-11-13-amadey.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-11-13-amadey.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-11-17-agenttesla.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-11-17-agenttesla.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-11-20-tofsee.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-11-20-tofsee.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-11-24-powershell-shellcode.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-11-24-powershell-shellcode.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-11-27-laplace.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-11-27-laplace.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-12-01-titan_stealer.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-12-01-titan_stealer.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-12-11-brute-ratel.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-12-11-brute-ratel.ipynb -------------------------------------------------------------------------------- /_notebooks/2022-12-16-guloader.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2022-12-16-guloader.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-01-15-dumpulator-veh.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-01-15-dumpulator-veh.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-01-19-rhadamanthys.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-01-19-rhadamanthys.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-02-09-yara-megaprimer.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-02-09-yara-megaprimer.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-02-16-soulsearcher-worm.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-02-16-soulsearcher-worm.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-02-26-pikabot.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-02-26-pikabot.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-03-12-qvoid-stealer.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-03-12-qvoid-stealer.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-03-15-healer-avkiller.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-03-15-healer-avkiller.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-03-16-cryptbot.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-03-16-cryptbot.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-03-19-onenote.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-03-19-onenote.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-03-30-3cx-malware.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-03-30-3cx-malware.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-04-02-aresloader.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-04-02-aresloader.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-04-06-photoloader.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-04-06-photoloader.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-04-13-quasar-chaos.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-04-13-quasar-chaos.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-04-16-xorstringsnet.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-04-16-xorstringsnet.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-04-20-cryptnet.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-04-20-cryptnet.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-04-23-in2al5dp3in4er.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-04-23-in2al5dp3in4er.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-04-30-satacom.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-04-30-satacom.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-05-07-streala.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-05-07-streala.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-05-11-metastealer.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-05-11-metastealer.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-05-28-amsifun.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-05-28-amsifun.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-06-15-risepro.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-06-15-risepro.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-06-25-xorstr.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-06-25-xorstr.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-07-02-multichain-delivery.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-07-02-multichain-delivery.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-07-06-status-recorder.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-07-06-status-recorder.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-07-13-truebot.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-07-13-truebot.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-07-16-lobshot.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-07-16-lobshot.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-07-20-rootteam.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-07-20-rootteam.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-07-24-gupteba.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-07-24-gupteba.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-07-31-bandit-garble.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-07-31-bandit-garble.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-08-03-garble.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-08-03-garble.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-08-17-limerat.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-08-17-limerat.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-08-27-attack-crypter.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-08-27-attack-crypter.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-09-03-stack-strings.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-09-03-stack-strings.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-10-01-mystic_stealer.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-10-01-mystic_stealer.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-10-08-advobfuscator.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-10-08-advobfuscator.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-10-15-ExtendedADVDecryption.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-10-15-ExtendedADVDecryption.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-10-22-origin-logger.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-10-22-origin-logger.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-10-29-sparkrat.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-10-29-sparkrat.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-11-05-live-ledger.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-11-05-live-ledger.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-11-12-new-pikabot.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-11-12-new-pikabot.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-11-19-new-pikabot-strings.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-11-19-new-pikabot-strings.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-12-04-danabot.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-12-04-danabot.ipynb -------------------------------------------------------------------------------- /_notebooks/2023-12-17-danabot-core.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2023-12-17-danabot-core.ipynb -------------------------------------------------------------------------------- /_notebooks/2024-01-07-into-to-vms.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2024-01-07-into-to-vms.ipynb -------------------------------------------------------------------------------- /_notebooks/2024-01-21-vmzeus-disassembler.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2024-01-21-vmzeus-disassembler.ipynb -------------------------------------------------------------------------------- /_notebooks/2024-03-03-lua-malware.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2024-03-03-lua-malware.ipynb -------------------------------------------------------------------------------- /_notebooks/2024-03-17-new-gcleaner.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2024-03-17-new-gcleaner.ipynb -------------------------------------------------------------------------------- /_notebooks/2024-04-07-lumma-cff.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2024-04-07-lumma-cff.ipynb -------------------------------------------------------------------------------- /_notebooks/2024-04-28-cosmu.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2024-04-28-cosmu.ipynb -------------------------------------------------------------------------------- /_notebooks/2024-05-12-python-malware.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2024-05-12-python-malware.ipynb -------------------------------------------------------------------------------- /_notebooks/2024-07-07-zharkbot.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2024-07-07-zharkbot.ipynb -------------------------------------------------------------------------------- /_notebooks/2024-07-12-emulating-themida.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2024-07-12-emulating-themida.ipynb -------------------------------------------------------------------------------- /_notebooks/2024-08-26-python-hunting.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2024-08-26-python-hunting.ipynb -------------------------------------------------------------------------------- /_notebooks/2024-09-02-zharkbot-config.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2024-09-02-zharkbot-config.ipynb -------------------------------------------------------------------------------- /_notebooks/2024-09-11-cred-flusher.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2024-09-11-cred-flusher.ipynb -------------------------------------------------------------------------------- /_notebooks/2024-09-16-emmenhtal.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2024-09-16-emmenhtal.ipynb -------------------------------------------------------------------------------- /_notebooks/2024-09-30-latrodectus.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2024-09-30-latrodectus.ipynb -------------------------------------------------------------------------------- /_notebooks/2024-11-21-spectre-ops.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2024-11-21-spectre-ops.ipynb -------------------------------------------------------------------------------- /_notebooks/2024-12-06-cryptbot2.ipynb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_notebooks/2024-12-06-cryptbot2.ipynb -------------------------------------------------------------------------------- /_pages/404.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_pages/404.html -------------------------------------------------------------------------------- /_pages/tags.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_pages/tags.html -------------------------------------------------------------------------------- /_plugins/footnote-detail.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_plugins/footnote-detail.rb -------------------------------------------------------------------------------- /_plugins/footnote.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_plugins/footnote.rb -------------------------------------------------------------------------------- /_posts/.gitignore: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /_posts/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_posts/README.md -------------------------------------------------------------------------------- /_sass/minima/custom-styles.scss: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_sass/minima/custom-styles.scss -------------------------------------------------------------------------------- /_sass/minima/custom-variables.scss: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_sass/minima/custom-variables.scss -------------------------------------------------------------------------------- /_sass/minima/dark-mode.scss: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_sass/minima/dark-mode.scss -------------------------------------------------------------------------------- /_sass/minima/fastpages-dracula-highlight.scss: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_sass/minima/fastpages-dracula-highlight.scss -------------------------------------------------------------------------------- /_sass/minima/fastpages-styles.scss: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_sass/minima/fastpages-styles.scss -------------------------------------------------------------------------------- /_word/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/_word/README.md -------------------------------------------------------------------------------- /assets/badges/binder.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/assets/badges/binder.svg -------------------------------------------------------------------------------- /assets/badges/colab.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/assets/badges/colab.svg -------------------------------------------------------------------------------- /assets/badges/deepnote.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/assets/badges/deepnote.svg -------------------------------------------------------------------------------- /assets/badges/github.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/assets/badges/github.svg -------------------------------------------------------------------------------- /assets/js/search-data.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/assets/js/search-data.json -------------------------------------------------------------------------------- /assets/js/search.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/assets/js/search.js -------------------------------------------------------------------------------- /assets/js/vendor/lunr.min.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/assets/js/vendor/lunr.min.js -------------------------------------------------------------------------------- /docker-compose.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/docker-compose.yml -------------------------------------------------------------------------------- /images/chart-preview.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/images/chart-preview.png -------------------------------------------------------------------------------- /images/copied_from_nb/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/images/copied_from_nb/README.md -------------------------------------------------------------------------------- /images/diagram.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/images/diagram.png -------------------------------------------------------------------------------- /images/favicon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/images/favicon.ico -------------------------------------------------------------------------------- /images/logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/images/logo.png -------------------------------------------------------------------------------- /index.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/OALabs/research/HEAD/index.html --------------------------------------------------------------------------------