Skip to content (Press Enter)
  • Home

Ghetto Forensics

  • Home

Tag: ida

A Walkthrough for FLARE RE Challenges

September 22, 2014May 20, 2025 Brian Baskin

The FireEye Labs Advanced Reverse Engineering (FLARE) challenge was causing a bit of a buzz when it was announced and launched in early July. It read like a recruitment campaign for a new division within FireEye, but still a fun challenge to partake in. The challenge started … and I was on-site at a client …

Read More

Malware with No Strings Attached Part 2 – Static Analysis

February 17, 2014May 20, 2025 Brian Baskin

In the previous post I showed some dynamic analysis procedures for a variant of a trojan known to Symantec as Coreflood. Based on the dynamic analysis, we discovered that the analyzed sample contained very few strings of use. It decrypted an embedded executable, which was injected into memory for execution. It dropped an encrypted file to …

Read More

Search

Archive List

  • March 2024
  • November 2022
  • March 2018
  • July 2017
  • August 2016
  • May 2016
  • March 2016
  • January 2016
  • September 2015
  • November 2014
  • September 2014
  • February 2014
  • January 2014
  • October 2013
  • September 2013
  • August 2013

Recent Posts

  • Huntress CTF 2023 – Unique Approaches to Fun Challenges
  • Flare-On 9 – The Worst Writeups
  • Enforcing the Law at the Mid Atlantic Collegiate Cyber Defense Competition (MACCDC)
  • Exploring the Labyrenth (2017 Edition)
  • Running the Labyrenth: Unit 42 CTF

Categories

  • Uncategorized

Archive List

  • March 2024
  • November 2022
  • March 2018
  • July 2017
  • August 2016
  • May 2016
  • March 2016
  • January 2016
  • September 2015
  • November 2014
  • September 2014
  • February 2014
  • January 2014
  • October 2013
  • September 2013
  • August 2013

Recent Posts

  • Huntress CTF 2023 – Unique Approaches to Fun Challenges
  • Flare-On 9 – The Worst Writeups
  • Enforcing the Law at the Mid Atlantic Collegiate Cyber Defense Competition (MACCDC)
  • Exploring the Labyrenth (2017 Edition)
  • Running the Labyrenth: Unit 42 CTF

Categories

  • Uncategorized

Tags

.net behavior analysis bsidesdc bsidesde cafebabe challenge class ctf cybergamut debugger dfir dynamic analysis encryption fernflower forensics gmail google ida infected infosec jad jar java jd-gui jdo jmd krakatau malware malware analysis matasano memory microsoft Noriben plaso privacy procmon python reverse engineering runtime security shedexec sysinternals trojan volatility windows
© 2025 Ghetto Forensics. All Rights Reserved. Prime Cyber Security By Themeignite. Powered By WordPress.