Profzzor

EdgeAutoUpdater
EdgeAutoUpdater
Created|Malware Analysis
A fileless loader disguised as an Edge update that deploys rootkits and ransomware.
AuRAT
AuRAT
Created|Malware Analysis
Aurat is a stealthy C++ backdoor featuring API hashing, AES-128 encrypted C2, and process injection targeting svchost.exe.
Gamaredon
Gamaredon
Created|Malware Analysis
Technical analysis of a **Gamaredon** HTA dropper. The malware executes a multi-stage infection chain (HTA ->VBS -> powerShell) that abuses legitimate tunneling services (Microsoft Dev Tunnels, Cloudflare) to evade detection and exfiltrate system data.
Holycat
Holycat
Created|Malware Analysis
A deep dive into HolyCat Ransomware, a Rust binary that encrypts user files with the .HC extension. The analysis uncovers its reliance on Discord for key exfiltration and dissects the cryptographic routine used to destroy victim data.
The Payload
The Payload
Created|Malware Analysis
This report provides a technical analysis of a multi-stage Windows network worm designed to propagate laterally across local area networks. The malware's architecture is centered on the `OLE/COM` subsystem, leveraging functions exported by **ole32.dll** to orchestrate its later stages. Its primary objective is to achieve widespread infection within the `192.168.1.0/24` subnet by exploiting open Server Message Block (SMB) shares.
avatar
Profzzor
Defensive
Articles
5
Tags
14
Categories
1
Support Me
Announcement
I am currently seeking new job opportunities. If you know of any roles that align with my skills and experience, please feel free to connect. Thank you for your support.
Recent Posts
EdgeAutoUpdater
EdgeAutoUpdater
AuRAT
AuRAT
Gamaredon
Gamaredon
Holycat
Holycat
The Payload
The Payload
Categories
Tags
Ransomware infostealer Sherlocks Discord VBScript Malops CTF HTB Rust Powershell Gamaredon AuRAT HolyCat Backdoor
Archives