explorations in BlackMatter machine code and ELF parsing
#1
Outside of GreySec I've been starting to examine the recent BlackMatter ransomware, or at least attempting to do so.



I hope it isn't bad form to do this, but the posts are on my Medium profile here.



This is terra incognita for me, but I would happy to share additional insights or answer questions as well. Hopefully there is something of value there to those interested.

neftis
Reply
#2
It's fine to point people to venues other than GS, as long as the OP contains more than: "Look over here". After all my public and private projects related to GS don't all live on the forum either. Bad form would just be advertising for the sake of driving traffic to your venue. Pointing us to something you have been working on in a format that is not a BBS and providing the appropriate context is perfectly fine.

When i have a moment i'll check out what you've been working on over at Medium.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  assembly and RE vs expanding into C2 creation / learning neftis 0 3,941 09-20-2021, 09:57 PM
Last Post: neftis
  Phishing and Spamming tool blackhat292 1 7,269 07-16-2021, 05:20 PM
Last Post: Vector
  code obfuscation experiment neftis 4 9,037 07-16-2021, 05:15 PM
Last Post: Vector
  Malware Source-code Share Insider 5 17,386 06-14-2020, 06:40 AM
Last Post: Insider