The personal blog of David Schramm. Zola 2024-10-19T00:00:00+00:00 https://dsxm.de/atom.xml 2024-10-19T00:00:00+00:00 2024-10-19T00:00:00+00:00 Unknown https://dsxm.de/eset-wiper/

<p>I've reversed engineered the ESET Wiper targeting ESET's exclusive partner in Israel to send phishing emails to Israeli businesses. See this article on <a rel="noopener" target="_blank" href="https://www.bleepingcomputer.com/news/security/eset-partner-breached-to-send-data-wipers-to-israeli-orgs/">bleepingcomputer.com</a>.</p>

2024-05-24T00:00:00+00:00 2024-05-24T00:00:00+00:00 Unknown https://dsxm.de/zero2auto-cert/

<p>I've done the <a rel="noopener" target="_blank" href="https://www.0ffset.net/training/zero2auto/"><em>Zero2Automated Advanced Malware Analysis Course</em></a> over the last few months and have now finally passed the exam!</p>

2024-03-30T00:00:00+00:00 2024-04-02T00:00:00+00:00 Unknown https://dsxm.de/embed-str-asm/

<p>I recently came across the GULoader malware family with its string obfuscation and wondered if one can build a similar technique in Rust.</p>

2024-01-29T00:00:00+00:00 2024-01-29T00:00:00+00:00 Unknown https://dsxm.de/zero2auto-custom-sample-1/

<p>My write-up for the first custom sample of the Zero2Automated Advanced Malware Analysis course.</p>

2024-01-07T00:00:00+00:00 2024-01-07T00:00:00+00:00 Unknown https://dsxm.de/simple-packer/

<p>I wanted to know how easy it is for malware to evade anti-virus detection and decided to write my own self-injecting packer.</p>