Releases: knowmalware/REMalware

2.0

07 Mar 03:32

Changes:

  • Converted from TiddlyWiki format to Markdown
  • Added three new modules: Diversity, Powershell, Ransomware
  • Added Yara module from In-Depth Unpacking
  • Added WinAppDbg example script from MalwareMusings
  • Added entropy finder script

2014 class material

07 Mar 03:23

Changes:

  • Added common string encodings (UTF-8, UTF-16, etc.)
  • Added packer categories and references
  • Updated Generic RE Algorithm
  • Added instructions for using PDFStreamDumper to extract shellcode from a PDF
  • Minor formatting changes
  • Added sdhash reference to Triage section
  • Added shellcode example-specific decoding IDC script

As before, the Malware ZIP is an encrypted zip with a password of "infected" (without the quotes). All of the .exe files have been renamed to .ex_.

2013 class material

07 Mar 03:19

2013 class materials that match videos on archive.org and videos on YouTube.

To bypass exe filters, e.g. so this can be sent through email, the Malware ZIP is an encrypted zip with a password of "infected" (without the quotes). All of the .exe files have been renamed to .ex_.