Malware Analysis & Research

In-depth reverse engineering, hunting notes, and analysis of suspicious applications and loaders. All write-ups are published on my research blog.

Analysis: Potentially Malicious PDFSupernova Loader (Chrome Web Data Hijack)
Suspicious Converter Apps – Obfuscated Strings, PowerShell Indicators & Loader Behavior
Analysis: Malicious PDF Converter App (PrimePDFConvert) has loader capabilities
Analysis: A series of malicious DLLs being loaded from fake meeting software (Teams, GoogleMeet)
Analysis: An early in-depth look at TamperedChef malware, originally named due to its links to weaponized Recipe apps.