Reminthink - Newbie in computer field

Malware Analysis PE File

Portable Executable (PE) File – WOW64 processes

May 20, 2024March 24, 2024

WOW64 architecture WOW64-sandboxed processes (x86 processes running in x64 environment)

Malware Analysis PE File

Portable Executable (PE) File – Using PE header information for static analysis: Incident Handling

May 6, 2024March 24, 2024

Incident Handling: Is this malware packed? Incident Handling: Is this malware a dropper or a downloader? Incident Handling: Does it […]

Portable Executable (PE) File – Using PE header information for static analysis: Threat Intelligence.

April 29, 2024March 24, 2024

Using PE header information for static analysis Threat Intelligence: When was this sample created? Threat Intelligence: What’s the country of […]

Malware Analysis PE File Uncategorized

Portable Executable (PE) File – Linking

April 15, 2024March 24, 2024

Static Linking Dynamic Linking

Malware Analysis PE File Uncategorized

Portable Executable (PE) File – PE structure

April 8, 2024March 24, 2024

DOS Header Fields Values Explanation e_magic ‘MZ’ constant signature e_lfanew 0x40 offset of the PE Header PE Header Fields Values […]

Portable Executable (PE) File – What is PE file?

April 1, 2024March 24, 2024

PE file? Features of the PE structure When the binary is executed

Portable Executable Hand Notes

June 5, 2023June 6, 2023

Static Malware Analysis

Static Malware Analysis Hand Notes

June 5, 2023June 6, 2023

Windows Security Log

Windows Security Log Hand Notes

June 5, 2023June 6, 2023

Active Directory

Active Directory Hand Notes

June 5, 2023June 6, 2023