Macro on Phishing Email

January 10, 2026

Series: DFIR

Reading time : “16 min” The phishing email After receiving this phishing email with this information, the link on the download leads to downloading a suspicious XLSX file. Key Observations: The email uses social engineering tactics to create urgency The download link points to an external hosting service No legitimate business would request action through such generic messaging The Malicious XLSX File By gathering its SHA256 and verifying on VirusTotal, we can tell that it is a malicious file.

Incident Response

October 25, 2024

Series: Hunting the hunter

Reading time : “16 min” GETI City Cyber Crisis Episode 01: The Breach In the heart of Golang Country stands GETI City - a metropolis where technology and ambition touch the sky… Scene 1: The City The winter wind howls through GETI City’s glass-and-steel canyons, carrying whispers of digital secrets between towering skyscrapers. Neon signs pierce the darkness, their glow reflecting off the frost-covered windows of Brukley Company’s cybersecurity headquarters.

Reverse Eng

December 15, 2023

x86-64
ARM

Series: Assembly

Reading time : “8 min” The Digital Storm Chronicles Episode 1: The Binary Tempest A storm rages outside as two security experts face their first challenge Scene 1: The Two Old Cracker Friends Thunder crashes outside a dimly lit apartment in C City Monaquimbamba: “Hey, how are you?” Howard: “Thanks for coming! I’m having trouble with this binary that a winter phenomenon sent to my bitcoin wallet.” ./bitcoinnewallet arm-binfmt-P: Could not open '/lib/ld-linux.