Month: April 2017

Windows Special Folders: CSIDLs, KNOWNFOLDERID

Introduction As we’ve seen many times before, malware authors are always trying to get at important system folders on victim systems. Some reasons for this are: To locate and attack actual operating system files To impersonate or spoof system files or create files with similar names in an attempt to circumvent detection. For example –…


Python and Crypto

It’s no secret that malware authors, particularly of specialized, targeted malware and ransomware, use encryption to aid in hiding functionality of code, as well as data like email and server addresses, IPs, and much more. Due to this, it’s useful to learn about encryption. Python also happens to be the scripting language of choice these…


Thoughts Concerning Cryptography, Privacy, Data, and the Future

Lately I’ve been mulling over some thoughts concerning the future of security, privacy, and how it relates to data records. This post will present some ideas for you if you do not know where to start when it comes to cyber security or are looking for ideas on how to keep you and your family’s…


EquationGroup DoubleFantasy Part 1

Introduction EquationGroup has a malware called DoubleFantasy. Sounded interesting, so I decided to go ahead and attack it and find out what it’s all about. Supposedly Kaspersky said about EquationGroup, The Equation Group is probably one of the most sophisticated cyber attack groups in the world; and they are the most advanced threat actor we…


What is a Malware Analyst and Why will your organization need one very soon?

Introduction I predict within the next 5-10 years, the number of malware analyst, researcher, and reverse-engineer jobs is going to skyrocket. So what is a malware analyst, malware researcher, and/or malware reverse-engineer in the first place and why will they be in high demand? What is a Malware Analyst/Researcher/Reverse Engineer? First of all, the slashes…


Malware Tips for Non-Tech folks

Today I recorded this video that gives some beginner tips on how to stay safe from malware, adware, spyware, and crapware. If you find your computer getting bogged down with unknown software, ads, toolbars, and other junk, this video is for you. Feel free to post any questions in the comments and I’ll answer.


Privacy – The problem and the solution

Introduction You may or may not know that privacy as we’ve known it is currently under an attack bigger than any the human race has ever seen before, other than perhaps the great flood. Companies like Facebook, Google, Microsoft, and most modern tech companies are recording as much about you as possible. Why? Because it…


The Ultimate List of Services which Respect your Privacy

Herein is a list of services which make an effort to respect privacy and do not sell your data. This list is starting out small and will continue to grow as I receive suggestions and find time to locate more services as well. I will not be posting services that I have not personally checked…


Hiding from disassembly analysis

There are several patterns that I’ve picked up on in which malware authors try to hide function calls, a large one being by using other function calls. To analysts who are experienced with the operating system’s API and system calls, this is not a big deal, but to those who are not, they are effective…