Not installing the installers, part 2

May 22, 2022 in Archaeology, Batch Analysis, Clustering, EDR, Forensic Analysis, GoodWare, Sandboxing

In the last post I described how we can pull some interesting metadata from decompiled installers. Today I want to discuss one practical example of how this data can enrich […]

Delphi API monitoring with Frida, Part 2

February 19, 2022 in Malware Analysis, Sandboxing

In my previous post I demoed a simple example of a Frida-based Delphi API monitor. Let’s look at one more example — this time the strings are stored in a […]