
Poking malware one at a time.

Welcome.

This website is dedicated to malware analysis. Over time I will add pages for tools, resources, and in-depth analysis of malware samples.

Latest from the Blog

Solarmarker: by any other name

Payload SHA256: c61348ab7e5ffeb9ba5d1077b13c49bde4d841c5ada9a
Backdoor SHA256: 0e673eb418c87268aa3bcb262e8e03a3f719a95a8e118ba99515c57c9aa02d38
Backdoor C2: 149.255.35.179

Solarmarker (AKA JupyterInfostealer AKA YellowCockatoo AKA Polazert) is still a trending malware. According to Expel.io, the malware accounted for 33% of their identified malicious payloads in September 2021. Several companies have published write-ups: they often dig deep and the write-ups and detection methods often fall out of date
