BlackSanta EDR Killer: Deep Dive into DWrite.dll (Part 1 — Loader Analysis)
Scope: This is Part 1 of the BlackSanta analysis series, focusing exclusively on the DWrite.dll loader component. Part 2 will cover the BlackSanta EDR-kil...
0APT Ransomware: Deep Dive into a Rust-Based Windows Encryptor
Qilin Ransomware (Rust Variant) Analysis
Analysis of GRIDTIDE — a Linux x86-64 backdoor using the Google Sheets API as a bidirectional C2 channel. AES-128-CBC config decryption, OAuth2 JWT Bearer au...
A comprehensive reverse-engineering analysis of Matanbuchus 3.0, covering its multi-layered obfuscation framework, encrypted C2 protocol, command dispatch ar...
Building a dedicated edge ML node for malware research — from unboxing to a working containerized environment on the NVIDIA Jetson Orin Nano.
Verifying that PyTorch, CUDA, and GPU training all work end-to-end inside the Jupyter container on the Jetson Orin Nano.