Threat actors usually depend on some sort of a first stager to drop their malware, one good candidate for this mission is AutoIT scripts because of their capabilities of interacting with COM objects, calling DLLs’ functions, and simulating user interactions. In this story, we’ll discuss some important tips for analyzing…

One of the essential skills that an analyst or a forensics investigator has to be equipped with is interpreting hexadecimal raw files. Doing a manual analysis of network packets without any tools would be a good start to get yourself comfortable with the hexadecimal representation of the files, and of…