Analyzing nested, obfuscated PHP files…

June 3, 2023 in Archaeology, De-everything, Un-everything, webshell

Many PHP webshells are encrypted, encoded, or obfuscated in many different ways, but most use a rudimentary approach that relies on applying the same sequence of code ‘hiding’ routines repetitively, sequences that […]

Analysing PS2EXE executables…

June 1, 2023 in De-everything, Un-everything, Malware Analysis

In my older posts I have shown how to deal with ‘encrypted’ or otherwise ‘protected’ script-to-exe executable files that aim to hide, obfuscate, or otherwise make scripts used to generate […]