Tag: malware analysis

6 Attack Reports | 0 Vulnerabilities

Attack reports

Leveraging Generative AI to Reverse Engineer XLoader

This report details how generative AI was used to accelerate the reverse engineering of XLoader malware. The researchers employed a combination of cloud-based static analysis using exported IDA data and occasional dynamic checks via MCP to rapidly unpack encrypted code, deobfuscate API calls, and d…
obfuscation
encryption
malware analysis
chatgpt
reverse engineering
xloader
generative ai
2025-11-03
ioc extraction
Published: November 3, 2025
Downloadable IOCs: 16

A Mega Malware Analysis Tutorial Featuring Donut-Generated Shellcode

This tutorial provides an in-depth analysis of a malware infection chain using shellcode generated by the Donut tool. It covers various stages of the attack, including initial download, trace concealment, and final payload delivery. The tutorial aims to familiarize readers with common analysis tool…
shellcode
donut
malware analysis
ida pro
reverse engineering
static analysis
2025-08-14
x64dbg
dynamic analysis
Published: August 14, 2025
Downloadable IOCs: 1

How to Improve Cyber Threat Investigations with TI Lookup

This article discusses the use of Threat Intelligence (TI) Lookup, a centralized service for threat data exploration and analysis. It highlights key features such as fast search results, extensive search parameters, and access to a large database of malware and phishing samples. The article explain…
phishing
remcos
stealc
cybersecurity
lumma
malware analysis
threat intelligence
agenttesla
yara rules
2024-11-13
darkvision
sandbox
ioc
Published: November 13, 2024
Downloadable IOCs: 0

SmokeBuster Tool

ThreatLabz has developed SmokeBuster, a tool to detect, analyze, and remove SmokeLoader malware from infected systems. Despite Operation Endgame's disruption in May 2024, SmokeLoader continues to be used by threat groups. SmokeBuster supports various SmokeLoader versions and Windows systems, offeri…
windows
smokeloader
operation endgame
malware analysis
2024-10-31
thread manipulation
system performance
memory injection
dofoil
smokebuster
Published: October 31, 2024
Downloadable IOCs: 0

Exploring GenAI in Cybersecurity: Gemini for Malware Analysis

This analysis explores the application of Generative AI, specifically Google's Gemini Advanced, in malware analysis. The experiment focuses on analyzing executable files, particularly a RisePro Stealer sample. The methodology involves decompiling the malware using Ghidra and IDA Pro, then using spe…
cybersecurity
malware analysis
genai
2024-10-07
risepro stealer
decompilation
ai-assisted analysis
ida pro
ghidra
gemini
executable files
2024-10-08
Published: October 8, 2024
Downloadable IOCs: 1

Malware Analysis - Accelerating Analysis When It Matters

This report provides information on how security professionals can expedite the analysis of multiple malware samples. By utilizing automated techniques, such as malware configuration parsing, analysts can quickly determine malware families, extract network indicators, and enhance detection and resp…
2024-07-24
malware analysis
Published: July 24, 2024
Downloadable IOCs: 28
Click here to see more Attack Reports