Poking malware one at a time.
Welcome.
This website is dedicated to malware analysis. Over time I will add pages for tools, resources, and in-depth analysis of malware samples.
Latest from the Blog
Using the Cert Graveyard
Summary: This post shares some key ways to leverage the Cert Graveyard database. I also share statistics on Cert Graveyard usage and share options to support my work. If you aren’t familiar with Cert Graveyard, I’ve described it in depth elsewhere: it is a public database for documenting abused code-signing certificates. We’ve reported and documented…
The CertGraveyard
Learn about the role of the Cert Graveyard in tracking, reporting, and preventing malware that leverages Extended Validation code-signing certificates.
SolarMarker: Actions-On-Target
SolarMarker malware remains a common threat, but nothing has been published or widely shared about the actor’s actions or objectives—until now. Based on original findings from monitoring an infected computer for months, this blog post discloses—for the first time—the financial fraud carried out by the SolarMarker actor group.