Payload Encryption

2024-08-05

Payloads are often encrypted within code to make it more difficult for security software to detect the malicious activity of the file. Payload ...

PE Sections

2024-08-05

Portable Executable Sections contain the code and data of an executable.

Sections may contain code, variables, or resource information.

Programs may ...

Program Database

2024-08-05 pe windows

Program Database (PDB) is a file format on Windows systems used to store debugging information about a program.

PDB files commonly have a .pdb file ...

Ransomware

2024-08-05

Ransomware is a type of malware that permanently blocks access to a victim’s personal data unless a ransom is paid.

Sandbox Detection

2024-08-05

Sandboxing is a dynamic detection method in which the scrutinized file (or sample) is executed within a contained environment (sandbox). The behavior ...

shellcode

2024-08-05

Shellcode is a small piece of code employed by malware that is used as the payload when exploiting software vulnerabilities. It is known as shellcode, ...

Signature Detection

2024-08-05

A signature in the context of malware analysis and detection is a series of bytes, strings, or characteristics that uniquely identifies a sample as ...

strings command

2024-08-05

strings is a program that finds and prints readable strings within a binary file. It is useful for determining the contents of non-text files. This is ...

UUIDfuscation

2024-08-05

UUIDfuscation is the process of using UUIDs to encode and obfuscate malware.

A UUID is made up of 5 segments of different sizes and may look something ...

Malware

2024-08-04

Malware is software specifically designed to perform malicious actions. Malware may disrupt, damage, or provide unauthorized access to a computer ...
