Malware analysis reports, including static and dynamic analysis, YARA rules, and threat intelligence mapping.

hackeringtrue/MalwareHound

🧪 Weekly Malware Reports

Welcome to the MalwareHound project, a personal initiative to reverse engineer and analyze one malware sample per week. This repository includes static and dynamic analysis, behavioral breakdowns, YARA rules, and professional-grade reports in PDF format.

Goal: Sharpen malware analysis skills through weekly hands-on work and contribute to the community's collective knowledge.


📄 Reports

| Date | Malware Name | Type | PDF Report | YARA |
|------|--------------|------|------------|------|
| 2025-07-01 | PDF.Dropper.EncShell.pdf | embedded/encrypted shell | 📄 Report | 🧬 Rule |
| 2025-06-24 | LNK.APT.ZeroDayLoader | LNK / .NET Reflective | 📄 Report | 🧬 Rule |
| 2025-06-18 | SyntheticHijacker | Persistence Hijacker | 📄 Report | 🧬 Rule |

More reports will be added. Stay tuned!


🧰 Tools Used

  • YARA β€” Pattern-matching engine for malware signatures
  • Detect It Easy (DIE) β€” Static file type and packer detection
  • dnSpyEx β€” .NET debugger and decompiler
  • ILSpy β€” .NET assembly browser and decompiler
  • x64dbg β€” Debugger for Windows executables
  • Ghidra β€” Disassembler and decompiler for reverse engineering
  • Wireshark β€” Network protocol analyzer
  • Procmon (Process Monitor) β€” Runtime system activity monitor
  • Process Hacker β€” Advanced process viewer
  • Capa β€” Identifies capabilities in executables
  • CyberChef β€” Cyber Swiss army knife for data transformation
  • UPX β€” Executable packer/unpacker
  • PE-bear β€” PE structure inspection and patching
  • REMnux β€” Malware analysis Linux distro
  • FLARE-VM β€” Malware analysis Windows VM setup
  • INetSim β€” Simulates internet services in an isolated network
  • MobSF (Mobile Security Framework) β€” APK static analysis
  • Cutter β€” GUI frontend for Radare2, used for disassembly and analysis
  • Fakenet-NG β€” Simulated network services for malware behavior monitoring

Structure

MalwareHound/
├── README.md
├── reports
│   ├── LNK.APT.ZeroDayLoader.pdf
│   ├── PDF.Dropper.EncShell.pdf
│   └── SyntheticHijacker-Report-PMAT.pdf
├── SyntheticHijacker-Report-PMAT.pdf
└── yara
    ├── LNK.yara
    ├── pdf-loader.yara
    └── SyntheticHijacker.yara

Disclaimer

This repository is created for educational and research purposes only.
Do not attempt to reuse or repackage the information for malicious purposes.
The author is not responsible for any misuse of the data or code shared.


👨‍💻 Author

Hackering True
Cybersecurity Researcher & Malware Analyst
GitHub Profile
💼 LinkedIn

