Overview Salvador stealer is an android banking trojan that embeds phishing page inside the application to trick victims into entering sensitive information, which is exfiltrated over Telegram. Add...

Challenge Link: GetPDF Scenario: PDF format is the de-facto standard in exchanging documents online. Such popularity, however, has also attracted cyber criminals in spreading malware to unsuspe...

Challenge Link: Obfuscated Scenario: While working as a SOC analyst, you may encounter alerts from the enterprise Endpoint Detection and Response (EDR) system regarding unusual activity on an e...

Challenge Link: XLM Macros Scenario: Instructions Uncompress the lab (pass: cyberdefenders.org) Zip sha256: 35fb4497de1633d6887fd1453ee1426ca627eeec Zip size: 74 KB Scenario Recently, ...

Challenge Link: Emprisa Maldoc Scenario: As a SOC analyst, you were asked to inspect a suspected document a user received in his inbox. One of your colleagues told you that he could not find an...

Challenge Link: MalDoc101 Scenario: Threat actors often use living-off-the-land (LOTL) techniques, such as executing PowerShell, to advance their attacks and move away from macro code. This cha...

Challenge Link: FakeGPT Scenario: Your cybersecurity team has been alerted to suspicious activity on your organization’s network. Several employees reported unusual behavior in their browsers a...

The previous part of this blog series: PE Header: NT Header - Optional Header - Data Directory Section Header Immediately after the Optional Header is the Section Header, which structure is...

The previous part of this blog series: PE Header: NT Header Data Directory In the previous blog of this series, the Data Directory were only mentioned as last member of Optional Header. In th...

The previous part of this blog series: PE Header: MS DOS Header, MS DOS Stub & Rich Header NT Header Following the Rich Header is the NT Header. The NT Header structure is defined for b...