Technical Blog of Ali Aqeel

This blog is dedicated to malware reverse engineering and analysis reporting. Each malware type gets a separate post covering the methods, tools, and techniques used to dissect the samples. All malware samples presented are publicly available, were found in the wild, and were downloaded from various sources. No affiliation with or promotion of any tool, platform, or cybersecurity vendor is intended. This blog exists to enrich cybersecurity content and technical analysis, and to showcase the work.

You can refer me to a malware sample that you think is interesting “for research purposes only!” by sending a zipped/compressed sample with the password (infected), or just by sending the hash values to my email below.

📬 aliaqeel.sn2[at]


Recent Posts

IcedID Analysis

IcedID, aka BokBot, is banking malware designed to steal financial information. Lunar Spider is the threat actor behind IcedID; they have been running campaigns since at least 2017. Besides stealing banking information, some incidents show that IcedID serves as an entry stage for a ransomware or RAT attack. It has been observed lately that the threat actor has … Continue reading IcedID Analysis

SolarWinds Attack Plan A: The Imposter

The ongoing investigation of the SUNBURST/Solorigate supply-chain attack, led by the FireEye and Microsoft threat teams, has reached the second stage of the attack, SUNSHUTTLE [3] [4]. More backdoors and C2 servers are discovered each time another stage of this wide and massive attack is disclosed. Estimating that the attacker distributed SUNBURST during March 2020 [5] from … Continue reading SolarWinds Attack Plan A: The Imposter

Dridex Malware Analysis [8 Feb 2021]

Dridex, also known as Bugat and Cridex, is a banking trojan and infostealer operated by a criminal group referred to as “Indrik Spider”. Dridex specializes in stealing banking credentials via systems that use macros from Microsoft Office products like Word and Excel. In a previously recorded incident the threat actors used Dridex … Continue reading Dridex Malware Analysis [8 Feb 2021]
