Quick revs: Pandora Ransomware - The Box has been open for a while...
Hey there, I’m finally getting around to introducing the new post category “Quick revs”, which will feature short write-ups of various malware …
I’m a Computer Science / IT-Security student (about to finish my B.Sc) from Germany. As you can probably tell I like to analyse malware (especially Ransomware) in my spare time. If you have any questions or suggestions regarding one of my blog posts feel free to send me a message :)
Hey there, it has been a while, again.. 😅 This year was pretty stressful for me so far, so I didn’t really have the time to write about malware deep …
Hey there, long time no blog post :D It’s not like I haven’t been doing any research the last couple of months, but between the whole Covid-19 …
Let’s start right off with a short introduction: The Malware analyzed here is a so-called MBR (Master Boot Record) Locker. It is targeting (like most …
Since the current COVID-19 outbreak is getting massively taken advantage of by various cybercriminals I thought it would be a good opportunity to try …
Hey there, yeah it has been a while. I’ve been quite busy with university stuff for the past weeks, so I’m trying to get back into the …
This is not the first time that someone built a Ransomware Strain with NodeJS (check out this article about Ransom32 and let’s not forget about …
This strain was first discovered by Korben Dallas on Twitter on the 9th of January. As I already mentioned the Malware is delivered via a …
After checking the projects and self-organized Sessions I couldn’t find anything related to Malware Research or a place to discuss reverse engineering …
Fun Fact: The Extension ”pysa” is probably derived from the Zanzibari Coin with the same name. Apparently it’s quite popular with collectors. …
I got this sample from one of the victims posting in the Bleeping Computer Forum thread. From what I gather their systems fell to yet another RDP …
Honestly I couldn’t decide between the title above and “All crimes are paid“, but Sex Pistols fans will get it regardless ¯\(ツ)/¯ I found this sample …
Sality @ AnyRun | HybridAnalysis | VirusTotal –> sha256 37f1b6394a408e0a959b82ff118a526c1362b4ddc1db5da03c9ffa70acaebff4 To all Pinebook …
Mystic but also a new(-ish) threat: Medusa ransomware. Let’s take a quick peek, but don’t look too close or you may need to fetch backups soon. A …
..and you constantly have to apply for jobs. A partial analysis of the “GermanWiper“ Ransomware / Wiper. Today someone posted about a Ransomware …