Retrieve C2 from a wild StealC sample using Binary Ninja API.

Retrieve C2 from unpacked loader (stage2) of a wild StealC sample and unpack stage 3 all with MIASM.

Unpacking the first stage of StealC packed by pkr_ce1a using MIASM

Avoslocker analysis

This article is a deep dive into the Dridex Loader

In this whitepaper, Lexfo analyses Lazarus malwares, from their motives, to their detection and mitigation, through their techniques, tactics, procedures.