Search
Malware Owl (◎▼◎)

Malware Owl (◎▼◎)

Anything POC / Learning

Understanding 64 bits Windows 10 Shellcode (Calc.exe) - Part 1
7 min read

Understanding 64 bits Windows 10 Shellcode (Calc.exe) - Part 1

In this part, we will see how basic shellcode works and how we move from the TEB structure to getting Kernel32.dll base address to getting WinExec's function pointer and popping calculator.

MalwareOwl's Picture
MalwareOwl in Writeups
DudeLocker (Flare-on 2016) - RVA and Import Descriptors
8 min read

DudeLocker (Flare-on 2016) - RVA and Import Descriptors

Learning how PE files get imported function names from headers. Cleared up concepts on Relative Virtual Address and learnt some Important data structures pertaining to imports.

MalwareOwl's Picture
MalwareOwl in Writeups
Welcome to my Blog everyone !
1 min read

Welcome to my Blog everyone !

A Welcome post. The first ever post.

MalwareOwl's Picture
MalwareOwl in Welcome

Latest Posts

A Quick Look at BlackWood DLL Loader
17 min read

A Quick Look at BlackWood DLL Loader

MalwareOwl's Picture
MalwareOwl
Relocation Table and Import Address Table (IAT) in Reflectively Loaded PE File
13 min read

Relocation Table and Import Address Table (IAT) in Reflectively Loaded PE File

MalwareOwl's Picture
MalwareOwl

Explore Tags

CTF MalwareAnalysis QuickPeek Welcome Writeups