A Blog about malware and file formats

All articles for category: lokibot
Reversing a NSIS dropper using quick and dirty shellcode emulation

Reversing a NSIS dropper using quick and dirty shellcode emulation

Sun 17 April 2022
We will statically unpack and emulate a malicious NSIS installer running multiple shellcodes, up to the final Lokibot password stealer and its configuration.
Read more →