Latest Reports
Welcome! On this website you will find a new malware sample analysis every week.
There is no required order to follow. You can simply search for any sample you want to analyze.
The idea is simple: I provide the download link for the sample, and you perform the analysis yourself. You can then read my report and compare it with your results. More information about why this website exists is available on the About page.
WannaCry - invoice_greenanimals.pdf.exe
The WannaCry-family executable checks a hardcoded kill-switch domain and, if the domain is unresolved, encrypts user files, deletes backups, and propagates laterally via SMB while establishing persistence through Windows services and registry modifications. It disables recovery options, uses anti-debugging and service-disguise techniques for stealth, and aggressively scans the internal network to maximize disruption and data loss.
Updated 15 February 2026
Difficulty Medium
VenomRAT - ClientAny.exe
A 32-bit C# VenomRAT-style Trojan persists in AppData and decrypts an AES-256 config (RSA-signed) before connecting to a certificate-pinned C2 over TLS. It logs keystrokes, enumerates system info, downloads plugins, and continuously runs anti-analysis checks plus a process-killer to evade inspection.
Updated 15 November 2025
Difficulty Easy
Claim_732989680_03292021.xlsm
Excel workbook with hidden sheets that download and execute three DLLs from three different IP addresses.
Updated 25 October 2025
Difficulty Easy