So I’ve been busy for a while and couldn’t write much, many apologies. For this article I’ll be writing about a new injection method known as Process Doppelganging and creating an automated unpacker for it. Process Doppelganging is a newly discovered injection method that bypasses all AVs’ HIPS engines. As it has only been discovered […]

This is a rather long article which most readers may not deem enjoyable; however, I would like for you to give it a chance. Some of this is written in a manner to be understood by the less experienced. Maybe because I am too stupid myself :D The following methods were used in aid of […]

As promised, prime crypt, a new crypting service available on HackForums.Net, was looked at by the Krabs Investigation Team. A sample of it was provided to us by a fellow malwarehuntermen (not to be confused with the Twitter user malwarehunterteam), and we shall put it under the critical lens of Bikini Bottom’s finest patties. Sample […]

Hello, today I would like to discuss a new AutistWare variant known to the public as “Bayside RAT”. Bayside RAT is attributed to BuldingIstStoopid, a threat actor from the malware krew “BotSquid”, who’s been cyber bullied multiple times by Mr. Krabs/Codefuser. BuldingIstStoopid is known for releasing crapware that either (1) doesn’t function or (2) doesn’t […]
