A Blog about malware and file formats

All articles for category: nsis
Reversing a NSIS dropper using quick and dirty shellcode emulation
Reversing a NSIS dropper using quick and dirty shellcode emulation

We will statically unpack and emulate a malicious NSIS installer running multiple shellcodes, up to the final Lokibot password stealer and its configuration.

Read more →