I had a great time last week at the KwaraBuild Tech Conference where I held a workshop on OSINT. It was great to see attendees have those "aha!" moments during the live demos. Big thanks to the organizers for having me and to everyone who stopped by!
This Excel document contains malicious macros that are obfuscated to avoid detection. When opened and macros are enabled, it attempts to reach out to external resources hosted on malicious URLs and download and execute additional payloads. Source: ht...
The Vjw0rm script is JavaScript malware with layered obfuscation. It is a Remote Access Trojan (RAT) designed to perform various malicious operations on a Windows system through the Windows Script Host (WSH) environment. When run, it decodes obfuscat...
In this exercise, I analysed a Remote Access Trojan binary, njRAT.exe, sourced from the Zoo malware repository on GitHub. Analysis revealed that the sample was originally compiled in 2013 as EnKSaR.HaCKeR.exe. The malware is designed to grant an atta...