NotPetya
A static analysis of the NotPetya ransomware
Install / Use
/learn @RoanH/NotPetyaREADME
NotPetya Malware Analysis
This repository contains an analysis of the NotPetya malware. The SHA256 hash of the sample that was analyzed is 027cc450ef5f8c5f653329641ec1fed91f694e0d229928963b30f6b0d7d3a745. All the work presented here is produced for the 2IC80 - Lab on offensive computer security course by:
- Roan Hofland
- Sverre van Mulken
Repository content
- A Ghidra project for the NotPetya binary with the aforementioned hash can be found in NotPetya.
- A log for the reverse engineering process with highly detailed descriptions of all the subroutines can be found in Notes.
- A report summarizing the key findings can be found here.
Malware
This repository does not contain any malware, the sample analyzed can be found in the following GitHub repository: fabrimagic72/malware-samples. Please take care when handling these samples.
History
Project development started: 25th of February, 2020.
Project due date: 13th of April, 2020.
Related Skills
node-connect
351.2kDiagnose OpenClaw node connection and pairing failures for Android, iOS, and macOS companion apps
frontend-design
110.6kCreate distinctive, production-grade frontend interfaces with high design quality. Use this skill when the user asks to build web components, pages, or applications. Generates creative, polished code that avoids generic AI aesthetics.
openai-whisper-api
351.2kTranscribe audio via OpenAI Audio Transcriptions API (Whisper).
qqbot-media
351.2kQQBot 富媒体收发能力。使用 <qqmedia> 标签,系统根据文件扩展名自动识别类型(图片/语音/视频/文件)。
Security Score
Audited on Jan 9, 2026