Malpedia Library

2023-07-19 ⋅ Jiří Vinopal
BYOS – Bundle Your Own Stealer
BundleBot

2023-04-04 ⋅ Check Point Research ⋅ Jiří Vinopal
Rorschach – A New Sophisticated and Fast Ransomware
Rorschach Ransomware

2023-03-15 ⋅ Check Point Research ⋅ Jiří Vinopal
DotRunPEX - Demystifying New Virtualized .NET Injector used in the Wild

2022-12-12 ⋅ Checkpoint ⋅ Jiří Vinopal
Pulling the Curtains on Azov Ransomware: Not a Skidsware but Polymorphic Wiper
Azov Wiper

2022-09-21 ⋅ Check Point ⋅ Jiří Vinopal
Native function and Assembly Code Invocation
MiniDuke

2022-05-16 ⋅ Github (Dump-GUY) ⋅ Jiří Vinopal
Malware Analysis Report – APT29 C2-Client Dropbox Loader
Unidentified 099 (APT29 Dropbox Loader)

2022-04-28 ⋅ Twitter (@vinopaljiri) ⋅ Jiří Vinopal
#ONYX Ransomware is based on #Chaos Ransomware Builderv4
Chaos

2022-01-17 ⋅ Github (Dump-GUY) ⋅ Jiří Vinopal
Debugging MBR - IDA + Bochs Emulator (CTF example)
WhisperGate

2022-01-12 ⋅ Github (Dump-GUY) ⋅ Jiří Vinopal
NightSky Ransomware – just a Rook RW fork in VMProtect suit
Rook

2021-12-08 ⋅ YouTube ( DuMp-GuY TrIcKsTeR) ⋅ Jiří Vinopal
Full malware analysis Work-Flow of AgentTesla Malware
Agent Tesla

2021-11-22 ⋅ YouTube ( DuMp-GuY TrIcKsTeR) ⋅ Jiří Vinopal
Powershell and DnSpy tricks in .NET reversing – AgentTesla [Part2]
Agent Tesla

2021-11-22 ⋅ YouTube ( DuMp-GuY TrIcKsTeR) ⋅ Jiří Vinopal
Powershell and DnSpy tricks in .NET reversing – AgentTesla [Part1]
Agent Tesla

2021-10-30 ⋅ YouTube ( DuMp-GuY TrIcKsTeR) ⋅ Jiří Vinopal
Reversing CryptoCrazy Ransomware - PoC Decryptor and some Tricks
Povlsomware

2021-08-23 ⋅ YouTube ( DuMp-GuY TrIcKsTeR) ⋅ Jiří Vinopal
[2] Lokibot analyzing - spoofing GULoader and LokiBot C2 [part2] - INetSim + BurpSuite
CloudEyE Loki Password Stealer (PWS)

2021-07-15 ⋅ YouTube ( DuMp-GuY TrIcKsTeR) ⋅ Jiří Vinopal
Fast API resolving of REvil Ransomware related to Kaseya attack
REvil

2021-07-07 ⋅ YouTube ( DuMp-GuY TrIcKsTeR) ⋅ Jiří Vinopal
[2] Lokibot analyzing - spoofing GULoader and LokiBot C2 [part1] - Own implementation in Python
CloudEyE Loki Password Stealer (PWS)

2021-07-06 ⋅ YouTube ( DuMp-GuY TrIcKsTeR) ⋅ Jiří Vinopal
[1] Lokibot analyzing - defeating GuLoader with Windbg (Kernel debugging) and Live C2
CloudEyE Loki Password Stealer (PWS)

2021-03-11 ⋅ YouTube ( Malware_Analyzing_&_RE_Tips_Tricks) ⋅ Jiří Vinopal
Formbook Reversing - Part1 [Formbook .NET loader/injector analyzing, decrypting, unpacking, patching]
Formbook

2021-03-01 ⋅ YouTube ( Malware_Analyzing_&_RE_Tips_Tricks) ⋅ Jiří Vinopal
Ryuk Ransomware - Advanced using of Scylla for Imports reconstruction
Ryuk

2021-02-22 ⋅ YouTube ( Malware_Analyzing_&_RE_Tips_Tricks) ⋅ Jiří Vinopal
Ryuk Ransomware API Resolving in 10 minutes
Ryuk

2020-12-15 ⋅ Github (Dump-GUY) ⋅ Jiří Vinopal
Reverse engineering KPOT v2.0 Stealer
KPOT Stealer