Skip to content

0xi6r/Malware-Analysis-Research

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

58 Commits
A Look into PlugX Kernel driver.pdf
A Look into PlugX Kernel driver.pdf
 
 
Advanced CyberChef Techniques for Configuration Extraction - Detailed Walkthrough and Examples.pdf
Advanced CyberChef Techniques for Configuration Extraction - Detailed Walkthrough and Examples.pdf
 
 
Analysing STOP Ransomware.pdf
Analysing STOP Ransomware.pdf
 
 
AsyncRAT loader- Obfuscation, DGAs, decoys and Govno.pdf
AsyncRAT loader- Obfuscation, DGAs, decoys and Govno.pdf
 
 
BRICKSTORM Backdoor.pdf
BRICKSTORM Backdoor.pdf
 
 
Behind the Walls Techniques and Tactics in Castle RAT Client Malware.pdf
Behind the Walls Techniques and Tactics in Castle RAT Client Malware.pdf
 
 
Clipping Wings- Our Analysis of a Pegasus Spyware Sample.pdf
Clipping Wings- Our Analysis of a Pegasus Spyware Sample.pdf
 
 
Cobalt Strike and a Pair of SOCKS Lead to LockBit Ransomware.pdf
Cobalt Strike and a Pair of SOCKS Lead to LockBit Ransomware.pdf
 
 
Cracking ValleyRAT From Builder Secrets to Kernel Rootkits.pdf
Cracking ValleyRAT From Builder Secrets to Kernel Rootkits.pdf
 
 
Defeating AuraStealer Practical Deobfuscation Workflows for Modern Infostealers.pdf
Defeating AuraStealer Practical Deobfuscation Workflows for Modern Infostealers.pdf
 
 
DriverFixer0428 macOS Credential Stealer.pdf
DriverFixer0428 macOS Credential Stealer.pdf
 
 
From Armillaria loader to EDR killer.pdf
From Armillaria loader to EDR killer.pdf
 
 
From Loader to Looter ACR Stealer Rides on Upgraded CountLoader.pdf
From Loader to Looter ACR Stealer Rides on Upgraded CountLoader.pdf
 
 
GachiLoader Defeating Nodejs Malware with API Tracing.pdf
GachiLoader Defeating Nodejs Malware with API Tracing.pdf
 
 
How Rogue ISPs Tamper With Geofeeds.pdf
How Rogue ISPs Tamper With Geofeeds.pdf
 
 
Inside Valkyrie Stealer Capabilities Evasion Techniques and Operator Profile.pdf
Inside Valkyrie Stealer Capabilities Evasion Techniques and Operator Profile.pdf
 
 
Lynx Ransomware- A Rebranding of INC Ransomware.pdf
Lynx Ransomware- A Rebranding of INC Ransomware.pdf
 
 
Malicious VSCode Extension Launches Multi-Stage Attack Chain with Anivia Loader and OctoRAT.pdf
Malicious VSCode Extension Launches Multi-Stage Attack Chain with Anivia Loader and OctoRAT.pdf
 
 
Malware Analysis - Rhadamanthys.pdf
Malware Analysis - Rhadamanthys.pdf
 
 
New Threat- A Deep Dive Into the Zergeca Botnet.pdf
New Threat- A Deep Dive Into the Zergeca Botnet.pdf
 
 
README.md
README.md
 
 
REKOOBE APT-31 Linux Backdoor Analysis.pdf
REKOOBE APT-31 Linux Backdoor Analysis.pdf
 
 
ShadowHS A Fileless Linux PostExploitation Framework Built on a Weaponized hackshell.pdf
ShadowHS A Fileless Linux PostExploitation Framework Built on a Weaponized hackshell.pdf
 
 
SysWhispers2 analysis.pdf
SysWhispers2 analysis.pdf
 
 
Technical Analysis of Copybara.pdf
Technical Analysis of Copybara.pdf
 
 
The Massive Android Botnet with 18 Million Infected Devices.pdf
The Massive Android Botnet with 18 Million Infected Devices.pdf
 
 
Understanding Internals of SmokeLoader.pdf
Understanding Internals of SmokeLoader.pdf
 
 
Unfolding Agent Tesla- The Art of Credentials Harvesting..pdf
Unfolding Agent Tesla- The Art of Credentials Harvesting..pdf
 
 
Unpacking the unpleasant FIN7 gift- PackXOR.pdf
Unpacking the unpleasant FIN7 gift- PackXOR.pdf
 
 
Vidar Stealer Malware Analysis.pdf
Vidar Stealer Malware Analysis.pdf
 
 
remote backdoors.pdf
remote backdoors.pdf
 
 

Repository files navigation

Malware Analysis Research Papers

This is my personal collection of research papers that I have found particularly engaging, insightful, and worth revisiting. Each paper in this repository has been selected because it either:

  • Changed my perspective on malware analysis
  • Solved a practical problem I encountered
  • Introduced an elegant technique worth remembering
  • Stood the test of time as foundational knowledge
  • Spark excitement about where the field is heading

Think of this as my annotated bibliography of malware research that has shaped my understanding and practice as a security researcher.

Who Is This For?

For Myself:

  • A personal knowledge base to return to when I need inspiration or reference
  • Curated quality over quantity—only papers that earned their spot

To Share With Others:

  • Filtered signal from the noise of thousands of security papers
  • Context about impact that you won't find in abstracts
  • Connections between papers that reveal larger trends
  • Practical takeaways from someone who actually applied the research

Scope & Focus

This collection specifically targets deep technical research in:

  • Static/Dynamic/Hybrid Analysis Techniques
  • Reverse Engineering Methodologies
  • Malware Detection & Classification (ML/AI, signature-based, behavioral)
  • Unpacking, Deobfuscation & Anti-Analysis Evasion
  • Memory Forensics & Live Analysis
  • Threat Intelligence Extraction & Automation
  • Malware Family Classification & Tracking
  • Large-Scale Malware Corpus Studies

🙏 Acknowledgments

A big shout out to vx-underground for hosting most of these papers and helping advance our malware analysis journey. Their incredible archive of malware samples, research papers, and security resources has been invaluable in building this collection and deepening our understanding of the field.

Note: I respect copyright and only share papers that are open access or legally available. When possible, I will link to official sources rather than hosting PDFs directly.

📄 License & Usage

This collection is provided for educational and research purposes under fair use principles. Individual papers remain the intellectual property of their respective authors and publishers. Please respect citation norms and copyright when using these resources.

"Understanding the enemy's tools is the first step in building better defenses."

About

A personalized COLLECTION of technical research papers focused on malware analysis. Covers static/dynamic analysis, sandboxing, behavioral classification, threat intelligence extraction, and anti-evasion techniques.

Topics

reverse-engineering malware malware-analysis research-paper secuirty

Resources

Readme
Activity

Stars

27 stars

Watchers

0 watching

Forks

1 fork
Report repository

Contributors