MalwareInvestigation
reverse engineering random malwares
Introduction
Welcome to the MalwareInvestigation repository. This repository is dedicated to the analysis of various malware samples. Our goal is to provide detailed reports on the behavior, characteristics, and techniques used by this malicious software.
Malware Samples
| Malware name | Original host | Type |
| :-------- | :------- | :------------------------- |
| Gruppe | Discord IP logger | stealer / HVNC / miner |
| Gruppe/modded | Discord server nuker | stealer / HVNC / miner (modded Gruppe build with a new domain added) |
| Akira | Cracked app on cracked.io | stealer / RAT |
| unknown-944587479 | Fake XWorm source code | possible RAT and stealer |
Block-hosts
You can use the hosts_blocker.bat script posted in this repository to block the stealer domains and RAT IPs recovered from the samples I reversed. Keep in mind that hosts-file entries only affect name resolution: they stop a sample from resolving a C2 hostname, but a connection to a hard-coded IP address has to be blocked with a firewall rule instead.
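The following is an added example, not the repository's hosts_blocker.bat and not a list of real indicators. It assumes a plain-text IOC list with one domain or IP per line (a trailing `:port` and `#` comments are tolerated) and shows the two halves a blocker needs: a marked, idempotent hosts-file block for hostnames, and separate Windows Firewall commands for bare IPs, which the hosts file cannot touch. The sample IOCs are constructed from reserved documentation names and addresses (`.invalid`, TEST-NET); the function names and the `MalwareInvestigation` marker are this example's own.

```python
"""Generate hosts-file and firewall blocking entries from an IOC list.

Added example (not the repository's hosts_blocker.bat). Assumes a text
IOC list, one domain or IP per line. Domains go into a marked block in
the hosts file; IPs are emitted as Windows Firewall commands because the
hosts file only affects name resolution and cannot block an address.
"""
import ipaddress
import re

BEGIN = "# BEGIN MalwareInvestigation block"
END = "# END MalwareInvestigation block"

# Hostname: dot-separated labels of letters, digits and hyphens.
_HOST_RE = re.compile(r"^(?=.{1,253}$)(?!-)([a-z0-9-]{1,63}\.)+[a-z0-9-]{1,63}$")

# Constructed sample IOC list: RFC 2606 .invalid names and RFC 5737
# TEST-NET addresses, not indicators from any real sample.
SAMPLE_IOCS = """
# stealer exfil endpoints
logger.example.invalid
Api.Stealer.Example.invalid:443
# rat C2
192.0.2.10
198.51.100.7:4444
logger.example.invalid
not a host!
"""


def classify_iocs(text):
    """Split IOC lines into (domains, ips, rejected).

    Case, a trailing :port and duplicates are normalised away; anything
    that is neither a valid hostname nor an IP is returned for review
    rather than silently written into the hosts file.
    """
    domains, ips, rejected = [], [], []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip().lower()
        if not line:
            continue
        # Strip "host:port" (common in stealer configs) but leave IPv6 alone.
        host = line.rsplit(":", 1)[0] if line.count(":") == 1 else line
        try:
            ip = str(ipaddress.ip_address(host))
            if ip not in ips:
                ips.append(ip)
            continue
        except ValueError:
            pass
        if _HOST_RE.match(host):
            if host not in domains:
                domains.append(host)
        else:
            rejected.append(raw.strip())
    return domains, ips, rejected


def render_hosts_block(domains):
    """Render the hosts lines. 0.0.0.0 rather than 127.0.0.1 so the
    connect fails at once instead of reaching a local listener."""
    body = [f"0.0.0.0 {d}" for d in domains]
    return "\n".join([BEGIN, *body, END]) + "\n"


def merge_hosts(existing, block):
    """Insert or replace the marked block so re-running is idempotent and
    the user's own hosts entries outside the markers are preserved."""
    lines = existing.splitlines()
    if BEGIN in lines and END in lines:
        start, stop = lines.index(BEGIN), lines.index(END)
        kept = lines[:start] + lines[stop + 1:]
    else:
        kept = lines
    text = "\n".join(kept).rstrip("\n")
    return (text + "\n\n" if text else "") + block


def render_firewall_rules(ips, name="MalwareInvestigation"):
    """Outbound block rules for hard-coded C2 addresses (netsh syntax);
    a hosts entry does nothing for a connection that never resolves a name."""
    return [
        f'netsh advfirewall firewall add rule name="{name} {ip}" '
        f"dir=out action=block remoteip={ip}"
        for ip in ips
    ]


if __name__ == "__main__":
    doms, addrs, bad = classify_iocs(SAMPLE_IOCS)
    print(merge_hosts("127.0.0.1 localhost\n", render_hosts_block(doms)))
    print("\n".join(render_firewall_rules(addrs)))
    print("needs review:", bad)
```

Python is used here instead of batch so the logic is readable and testable; on a Windows host the rendered block would be written to `%SystemRoot%\System32\drivers\etc\hosts` from an elevated prompt, and the printed `netsh` lines run as-is. The marker block is what makes the script safe to re-run after the IOC list changes.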
Tools and Techniques
I use a variety of tools and techniques to conduct my malware analysis. This includes:
- Disassemblers and decompilers
- Stealth sandboxes + online sandboxes
- Network traffic analyzers
- Debuggers and runtime analysis tools
Contributing
Contributions are always welcome!
If you have a malware sample, open an issue with a link to it.
License
