Category Archives: Tools

Introducing PE_unmapper

Recently I wrote a small tool, that can be used as a helper in malware analysis. Various malware types unpack their core modules in memory, load them and run. In order to unpack them fast, we can let the malware … Continue reading

Posted in Malware, Tools, Tutorial | 1 Comment

Princess Locker decryptor

[UPDATE: 28th Nov 2016] – unfortunately, recently a new variant appeared, that fixed the bug which allowed me crack this ransomware. If generating the key takes more than few minutes,  it probably means that you has been infected by the … Continue reading

Posted in Malware, Malware Decryptor, Tools | 12 Comments

Anti-Petya live CD (the fastest Stage1 key decoder)

UPDATE: 17-th July a new version of Petya has been released. At the moment, there is no way to decrypt the disk. Don’t let the infection reach the Stage 2! Please read first Petya key decoder for more background information. … Continue reading

Posted in Malware, Malware Decryptor, Tools | 5 Comments

Petya key decoder

source code (Red Petya recovery) NEWS [17 July 2016] A new (3-rd) version of Petya has been released – the current solutions no longer work. It looks exactly like the previous (green) Petya, but contains fixes in cryptography implementation and … Continue reading

Posted in Malware, Malware Decryptor, Tools | 18 Comments

DMA Unlocker

I managed to crack some of the variants of DMA Locker ransomware (version with RSA key), described [here]. For those who are hit by this version , there is an experimental decryptor for it. More details and updates you can … Continue reading

Posted in Malware, Malware Decryptor, Tools | Leave a comment

Introducing new PE files reversing tool

Hi! Today I would like to introduce my new project – PE-bear. In short words – it is a viewer/editor for PE32 and PE64 files. You may ask – why the hell another PE reversing tool? Well, I started developing … Continue reading

Posted in PE-bear, Tools | Tagged , , , , , , | Leave a comment