A blog about malware and file formats

Welcome to malcat official blog. Click on the links below to filter by article category:
Statically unpacking a simple .NET dropper

A .NET dropper using multiple base64 and xor cipher pass to finally drop a Loki sample. We will show how to unpack it 100% statically using Malcat's builtin transformations.

Read more →