Filip Olszak
Analysing maldocs with x64dbg💥 and Process Hacker — Part 2: Shellcode
Shellcode is usually a bit of position-independent code, expected to be able to successfully accomplish its tasks, regardless of where in
1 min read · Feb 24, 2020

Filip Olszak
Analysing maldocs with x64dbg💥 and AMSI — Part 1: Payload extraction
Knowing that most commonly running malicious macros will result in creation of a new process, we can set breakpoints on the limited set of
1 min read · Feb 14, 2020