Date Author Title
2025-03-10Xavier MertensShellcode Encoded in UUIDs
2025-02-19Xavier MertensXWorm Cocktail: A Mix of PE data with PowerShell Code
2025-01-29Xavier MertensFrom PowerShell to a Python Obfuscation Race!
2024-12-23Xavier MertensModiloader From Obfuscated Batch File
2024-11-30Xavier MertensFrom a Regular Infostealer to its Obfuscated Version
2024-08-26Xavier MertensFrom Highly Obfuscated Batch File to XWorm and Redline
2024-03-28Xavier MertensFrom JavaScript to AsyncRAT
2024-03-13Xavier MertensUsing ChatGPT to Deobfuscate Malicious Scripts
2024-02-09Xavier MertensMSIX With Heavily Obfuscated PowerShell Script
2024-01-26Xavier MertensA Batch File With Multiple Payloads
2024-01-12Xavier MertensOne File, Two Payloads
2023-06-16Xavier MertensAnother RAT Delivered Through VBS
2023-06-09Xavier MertensUndetected PowerShell Backdoor Disguised as a Profile File
2023-05-17Xavier MertensIncrease in Malicious RAR SFX files
2023-03-30Xavier MertensBypassing PowerShell Strong Obfuscation
2023-03-21Didier StevensString Obfuscation: Character Pair Reversal
2023-03-18Xavier MertensOld Backdoor, New Obfuscation
2023-02-10Xavier MertensObfuscated Deactivation of Script Block Logging
2023-01-25Xavier MertensA First Malicious OneNote Document
2022-11-05Guy BruneauWindows Malware with VHD Extension
2022-11-04Xavier MertensRemcos Downloader with Unicode Obfuscation
2022-10-18Xavier MertensPython Obfuscation for Dummies
2022-06-19Didier StevensVideo: Decoding Obfuscated BASE64 Statistically
2022-06-18Didier StevensDecoding Obfuscated BASE64 Statistically
2022-06-16Xavier MertensHoudini is Back Delivered Through a JavaScript Dropper
2022-06-01Jan KoprivaHTML phishing attachments - now with anti-analysis features
2021-11-18Xavier MertensJavaScript Downloader Delivers Agent Tesla Trojan
2021-11-14Didier StevensVideo: Obfuscated Maldoc: Reversed BASE64
2021-09-22Didier StevensAn XML-Obfuscated Office Document (CVE-2021-40444)
2021-06-04Xavier MertensRussian Dolls VBS Obfuscation
2021-01-04Jan KoprivaFrom a small BAT file to Mass Logger infostealer
2020-11-19Xavier MertensPowerShell Dropper Delivering Formbook
2020-11-13Xavier MertensOld Worm But New Obfuscation Technique
2020-11-05Xavier MertensDid You Spot "Invoke-Expression"?
2020-10-14Xavier MertensNicely Obfuscated Python RAT
2020-09-04Jan KoprivaA blast from the past - XXEncoded VB6.0 Trojan
2020-08-19Xavier MertensExample of Word Document Delivering Qakbot
2020-08-16Didier StevensSmall Challenge: A Simple Word Maldoc - Part 3
2020-07-08Xavier MertensIf You Want Something Done Right, You Have To Do It Yourself... Malware Too!
2020-04-27Xavier MertensPowershell Payload Stored in a PSCredential Object
2020-04-24Xavier MertensMalicious Excel With a Strong Obfuscation and Sandbox Evasion
2020-04-03Xavier MertensObfuscated with a Simple 0x0A
2020-02-22Xavier MertensSimple but Efficient VBScript Obfuscation
2020-02-07Xavier MertensSandbox Detection Tricks & Nice Obfuscation in a Single VBScript
2020-01-23Xavier MertensComplex Obfuscation VS Simple Trick
2019-10-18Xavier MertensQuick Malicious VBS Analysis
2019-08-09Xavier Mertens100% JavaScript Phishing Page
2019-07-11Xavier MertensRussian Dolls Malicious Script Delivering Ursnif
2019-07-02Xavier MertensMalicious Script With Multiple Payloads
2019-06-10Xavier MertensInteresting JavaScript Obfuscation Example
2018-12-15Didier StevensDe-DOSfuscation Example
2018-12-12Didier StevensYet Another DOSfuscation Sample
2018-11-27Xavier MertensMore obfuscated shell scripts: Fake MacOS Flash update
2018-11-26Xavier MertensObfuscated bash script targeting QNap boxes
2018-11-16Xavier MertensBasic Obfuscation With Permissive Languages
2018-11-06Xavier MertensMalicious Powershell Script Dissection
2018-10-23Xavier MertensDiving into Malicious AutoIT Code
2018-09-30Didier StevensWhen DOSfuscation Helps...
2018-07-30Didier StevensMalicious Word documents using DOSfuscation
2018-07-26Xavier MertensWindows Batch File Deobfuscation
2018-06-18Xavier MertensMalicious JavaScript Targeting Mobile Browsers
2018-05-25Xavier MertensAntivirus Evasion? Easy as 1,2,3
2017-11-03Xavier MertensSimple Analysis of an Obfuscated JAR File
2017-09-30Lorna HutchesonWho's Borrowing your Resources?
2017-07-08Xavier MertensA VBScript with Obfuscated Base64 Data
2017-06-22Xavier MertensObfuscating without XOR
2017-04-28Xavier MertensAnother Day, Another Obfuscation Technique
2017-04-21Xavier MertensAnalysis of a Maldoc with Multiple Layers of Obfuscation
2017-04-19Xavier MertensHunting for Malicious Excel Sheets
2017-03-30Xavier MertensDiverting built-in features for the bad
2017-03-24Xavier MertensNicely Obfuscated JavaScript Sample
2017-03-18Xavier MertensExample of Multiple Stages Dropper
2017-02-28Xavier MertensAnalysis of a Simple PHP Backdoor
2017-02-12Xavier MertensAnalysis of a Suspicious Piece of JavaScript
2016-08-28Guy BruneauSpam with Obfuscated Javascript
2016-06-22Bojan ZdrnjaSecurity through obscurity never works
2016-02-07Xavier MertensMore Malicious JavaScript Obfuscation
2016-01-15Xavier MertensJavaScript Deobfuscation Tool
2013-02-08Kevin ShorttIs it Spam or Is it Malware?
2012-05-22Johannes Ullrichnmap 6 released
2012-01-03Bojan ZdrnjaThe tale of obfuscated JavaScript continues
2010-04-08Bojan ZdrnjaJavaScript obfuscation in PDF: Sky is the limit
2010-03-05Kyle HaugsnessJavascript obfuscators used in the wild
2009-06-30Chris CarboniObfuscated Code
2009-06-30Chris CarboniDe-Obfuscation Submissions
2009-04-07Bojan ZdrnjaAdvanced JavaScript obfuscation (or why signature scanning is a failure)
2008-09-03Daniel WesemannStatic analysis of Shellcode - Part 2
2008-07-14Daniel WesemannObfuscated JavaScript Redux
2008-04-06Daniel WesemannAdvanced obfuscated JavaScript analysis
2008-04-03Bojan ZdrnjaMixed (VBScript and JavaScript) obfuscation