Welcome to 0xHasi

I'm Lehasa — I work on offensive security, reverse engineering, and malware analysis. This is where I share my technical explorations, research, and notes.

ValleyRAT (Part 1): Static Analysis - From Go Loader to Decrypted Implant

This write-up documents my static analysis of the ValleyRAT sample from MalOps. The goal was to understand what the binary does without leaning on dynamic analysis, packet capture, or full behavioral emulation. I stuck to triage, disassembly, and payload extraction to build a narrative while answering the challenge questions.

Understanding the Why

Security gets sold as certainty: dashboards, metrics, “visibility.” The work that keeps pulling me in is the opposite. It’s the part where you do not get to assume the system is telling the truth, and you have to earn every claim by taking something apart.