If you want to discuss malware, my debloat tool, infosec, cross-disciplinary insights, or have a community to hang out with, join the Debloat Discord: discord.gg/dvGXKaY5qr The goal is a friendly community for learning. (animation by me)
I'm proud to say my tool to reduce the size of bloated malware is used by the Canadian Centre for Cyber Security (CCCS)'s AssemblyLine tool. AssemblyLine is a tool to automate file analysis. Debloat is part of the extract-service. github.com/Squiblydoo/d... github.com/CybercentreC...
Low Detection #SolarMarker #Infostealer #EV #SIGNED LAABAI LTD C2: 146.70.40.228 C2: 212.237.217.133 Triage: tria.ge/230821-2lmhj... virustotal.com/gui/file/a01... bazaar.abuse.ch/sample/fd834... bazaar.abuse.ch/sample/b44f8...
Low detection SolarMarker Infostealer C2: 91.206.178.106 C2: 193.29.56.179 Signed: "CHILL ANAESTHESIA LTD." VirusTotal: 3/66 c6fda8a049ebd7872358acfa2505f226e931e0f71090c19412e7b6d0a1c6e129 Backdoor: 511637bf26adb8ac42cec6f38da7cc25ceee118e4a5f09e61bfc39defbc97809
Debloat: removes junk bytes commonly pumped into infostealers. CLI and GUI functions for ease. Can also be used with Karton and AssemblyLine. Check out the repo to learn more. :) I have 2 use cases I am working on, but should work 7/8 times. https://github.com/Squiblydoo/debloat