2 posts tagged with "Static Analysis"

A type of analysis that examines a program or malware without executing it, often by reviewing its source code, binary code, or configuration files. Static analysis can identify various aspects of the malware, such as strings, functions, and libraries used, but does not simulate the actual execution of the malware.

THM | AoC 2025 | Day 06-08

12 min read

Advent of Cyber 2025 | Day 06-08 | Summary:

On Day 06 (Malware analysis), we show how to examine a suspicious Windows executable using static tools (PeStudio) and dynamic sandbox techniques (RegShot, ProcMon) to extract hashes, strings, registry changes, and C2 information. Then on Day 07 (Network discovery), we demonstrate progressive port scanning (Nmap), service enumeration (FTP, a custom TCP service, DNS), file retrieval, and post-exploitation steps (accessing an admin console, enumerating listening ports, and extracting flags from a local MySQL database).

Finally, on Day 08 (Prompt injection), we first explain the theory behind autonomous AI agents, then exploit a calendar-management AI by extracting a hidden token via a log-reading function and using it to call a privileged "reset_holiday" function, restoring the correct Christmas setting.

THM | Intro to Malware Analysis

7 min read

Malware Analysis | Intro to Malware Analysis | Summary:

The aim of this room is to provide SOC analysts with steps to determine whether suspicious content (files or traffic) is malicious or not. It will cover the basics of malware, how to start analyzing it, and different analysis methods, as well as resources for further assistance.