We will analyze MosaicLoader.

Summary

In July 2021, BitDefender published a whitepaper on a new Golang malware family, “MosaicLoader.”

Golang programs are becoming increasingly popular among adversaries, pentesters, and red teamers because Go lets them build a malicious program that supports multiple OS platforms from a single source tree. However, due…
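The "single source, many platforms" property referred to above comes from Go's cross-compilation model: the toolchain picks the target from the GOOS/GOARCH environment variables, and any OS-specific behaviour is handled by branching on runtime.GOOS or by build-constrained files. The following is an added illustration, not MosaicLoader's code or anything from the Bitdefender paper; the directory names, the binary name "loader", and the helper functions are assumptions chosen for the demonstration.

```go
package main

import (
	"fmt"
	"runtime"
)

// targetDir returns a per-OS staging directory from one code path. goos is a
// parameter instead of runtime.GOOS so the same function can be exercised for
// every platform on a single host (the directory names are illustrative only).
func targetDir(goos, home string) string {
	switch goos {
	case "windows":
		return home + `\AppData\Local\Temp`
	case "darwin":
		return home + "/Library/Caches"
	default: // linux and other unix-likes
		return home + "/.cache"
	}
}

// outputName appends the extension the target OS expects for executables.
func outputName(goos, base string) string {
	if goos == "windows" {
		return base + ".exe"
	}
	return base
}

// buildCommand is the cross-compilation invocation for one target: the Go
// toolchain selects the platform purely from GOOS/GOARCH, so no per-OS
// source changes or extra toolchains are needed.
func buildCommand(goos, goarch, base string) string {
	return fmt.Sprintf("GOOS=%s GOARCH=%s go build -o %s .", goos, goarch, outputName(goos, base))
}

func main() {
	// At run time the binary knows which platform it was built for.
	fmt.Printf("running on %s/%s, staging in %s\n",
		runtime.GOOS, runtime.GOARCH, targetDir(runtime.GOOS, "~"))

	// The same source tree yields a binary for each target with only an
	// environment change at build time (hypothetical binary name "loader").
	for _, t := range [][2]string{{"windows", "amd64"}, {"linux", "amd64"}, {"darwin", "arm64"}} {
		fmt.Println(buildCommand(t[0], t[1], "loader"))
	}
}
```

Where OS-specific code does not fit a switch (for example, calls into a platform-only syscall package), the same effect is achieved with separate files carrying a `//go:build windows` or `//go:build linux` constraint; the build still needs only the GOOS/GOARCH change shown above.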

BazarCall be like..

We will analyze BazarLoader.

Summary

BazarLoader (also written BazaLoader) is a backdoor Trojan designed to collect sensitive information, control the infected machine, and deliver additional malware to it. The malware has been attributed to the Team9 malware family, which is tied to the group responsible for developing Trickbot.

In the recent campaign, it uses a combination…

Buffed up InfoStealer…

We will analyze the Vidar infostealer, focusing on its information-stealing capabilities.

Summary

Vidar is an infostealer distributed through phishing email attachments, cracked versions of commercial software, or keygen programs.

Vidar is known to steal the following information from infected machines:

  1. Text files
  2. Browser cookies
  3. Browser histories
  4. Cryptocurrency wallets
  5. MFA data

Our…

Breaking my spirit…

In this analysis, we will go over the anti-analysis techniques used in this Dridex sample.

Dridex

Dridex is a banking Trojan first observed around 2014. The malware is known to evolve constantly through the addition of new features and upgrades. …

In this analysis, we will go over what I saw in my recent deep dive into njRAT.

njRAT

njRAT, also known as Bladabindi, is a Remote Access Trojan (RAT) known for its infostealing capabilities. njRAT is easily obtained and widely used within the malware community.

Summary

njRAT general infection flow…

In this analysis, I will show what I saw in my hands-on analysis of the malware. I’m still a novice in malware analysis, but I’m hoping the things I see in this analysis can help other fellow analysts who may be starting out just like me.

Qakbot

Qakbot first came to…

Gorilla Rage

#MalwareAnalysis #ReverseEngineering #Gorilla
