Chasing Necurs: The Beginning

A few months ago I was trying to decide what my next big side project would be, and I decided to set my sights on Necurs. Necurs, for those unfamiliar, is a botnet being used largely as a carrier for...


Generic Unpacking with r2pipe

I’ve been playing around with r2pipe lately and thought I would do a bit of a write-up on how I automated unpacking a Locky sample using r2 over r2pipe. Basically, Locky unpacks itself using VirtualAlloc to allocate a...


How I Reverse Malware

I told some guys on IRC that I would write a post about how I do my reverse engineering one day but have been pretty busy since then and wasn’t able to find the time to sit down and write...
