Mohammad Amr Khan
CVE-2021-40444 CyberChef Recipe
This is a quick CyberChef recipe to extract defanged URLs from the maldocs that are used as the first stage of CVE-2021-40444’s…
Sep 20, 2021

Mohammad Amr Khan
Analysis of 1d4a1bc1cf53be8e18789b4c6c351c6f0ee88e14cf4fbde0adc55e0b39010bdc (maldoc)
The samples included in this analysis were obtained from MalwareBazaar. This writeup will look at two different files. The first file is a…
Sep 18, 2021

Mohammad Amr Khan
Installing MISP
MISP is a great threat intelligence platform, for users/organizations of all sizes. One of the major advantages that it has going for it…
Sep 18, 2021

Mohammad Amr Khan
Phishing Analysis 1 — MoonFruit UofT
The email was delivered from what appears to be a student mailbox since the domain is prepended by a term that is used for student emails…
Aug 31, 2021

Mohammad Amr Khan
Setting Up Flare VM
This post will detail how I went about setting up Flare VM for static analysis. The first step was to set up a Windows 7 VM and this was…
Aug 30, 2021