Jul 19 | AWS CLI
DFIR QuickStart: Install AWS CLI
Details on all three OSes can be found here. This should get you started on a Mac:
$ curl "https://awscli.amazonaws.com/AWSCLIV2.pkg" -o "AWSCLIV2.pkg"
$ sudo installer -pkg AWSCLIV2.pkg -target /
Once you’ve installed it, run these commands to verify the installation:
$ which aws
/usr/local/bin/aws
$ aws --version
aws-cli/2.4.5 Python/3.8.8 Darwin/18.7.0…
3 min read

Jul 14 | Android Analysis Quickstart
This guide will get you up and running quickly for any Android Analysis case. Use it as a starting point; once you’ve completed this setup, you can add more techniques for a deeper analysis. The starting point for most Android Analysis is enabling USB Debugging. …
Tag: Android | 4 min read

Jun 9 | Nethunter Installation Stuck at ‘Checking package dependencies’
So you’re trying to install Nethunter on your Android device and you get to the part where you run the install script:
$ ./install-nethunter-termux
And it gets stuck at the second line, “Checking package dependencies”. You have been following the instructions here: https://www.kali.org/docs/nethunter/nethunter-rootless/#installation
Try this instead:
Step 1. Install…
Tag: Android | 2 min read

Apr 27 | THE SCIENCE OF ENGINEERING MALWARE
NOTE: This course will be offered In-Person. Earlybird registration now open: https://www.blackhat.com/us-22/training/schedule/#the-science-of-engineering-malware-255311645114714
WHO SHOULD TAKE THIS COURSE
This course has been created for people who want to pursue the career path of Malware Analysis, have great interest in this field and are ready to take the next step.
KEY TAKEAWAYS
- Students will understand how malware…
Tag: Training | 2 min read

Dec 23, 2021 | DefendAgainst: Ransomware ‘STOP’/DJVU
aka DJVU
Originally published here. In recent weeks, we have observed a spike in infections involving the STOP ransomware variant. STOP is also known as DJVU by other vendors in the industry. In this article, we’ve looked at the latest version circulating in the wild. …
7 min read

Dec 19, 2021 | Emotet is back!
Here’s the latest VT collection: https://www.virustotal.com/gui/collection/39035fdc8b922e3bd56cc754a5cd3ce397754230087fc2b402abda400c2d11fa
Here’s the latest hashdump: Emotet: Nov-Dec 2021 - Pastebin.com
Tag: Emotet | 1 min read

Dec 7, 2021 | Revix Linux Ransomware
First edition published here. In the first half of 2021, we started to see the REvil ransomware operators targeting Linux-based systems with a new Linux version of the more commonly seen Windows ransomware. There have been a few versions of this Linux-based malware since then. In…
Tag: Ransomware | 7 min read

Nov 30, 2021 | RansomExx yara rules
These are a couple of Yara rules that I wrote for detecting RansomExx, a Linux-based ransomware.
Usage:
$ yara ransomexx.yar <path-to-dir-to-be-scanned>
Get it from Github
/*
author = "Vishal Thakur - malienist.medium.com"
date = "2021-11-30"
version = "1"
description = "Detects RansomExx Linux Ransomware"
info = "Generated from information extracted from the malware sample…
Tag: Yara | 4 min read

Sep 9, 2021 | Winners — 2021 CTF — Reverse Engineering Malicious Code
Thanks to everyone who participated in the CTF and congratulations to all the winners!
1st Place: Kabir Acharya (Australia)
2nd Place: Devesh Mitra (Australia)
3rd Place: Raymond Toh (Singapore)
Tag: Ctf | 1 min read

Aug 4, 2021 | 2021 CTF — Reverse Engineering Malicious Code
Welcome to the first edition of the Malienist CTF in collab with HCKSYD. Registration OPEN.
Prizes
Tag: Ctf | 2 min read