Fumik0_'s box

Some works during my free time

Let’s play (again) with Predator the thief
Let’s play (again) with Predator the thief

Whenever I reverse a sample, I am mostly interested in how it was developed, even if in the end the techniques employed are generally the same, I am always curious about what was the way to achieve a task, or just simply understand the code philosophy of a piece of code. It is a very... » read more

Haruko Malware Tracker – 1 Year Anniversary Update
Haruko Malware Tracker – 1 Year Anniversary Update

Hi folks, It's been one year that the tracker (https://tracker.fumik0.com) is now active and over this past months, I understood that maintaining this solo project was definitely not an easy task. But, right now, Haruko is step by step a growing place that provides a start for OSINT stuff, learning Reverse malware analysis or helping... » read more

Overview of Proton Bot, another loader in the wild!
Overview of Proton Bot, another loader in the wild!

Loaders nowadays are part of the malware landscape and it is common to see on sandbox logs results with "loader" tagged on. Specialized loader malware like Smoke or Hancitor/Chanitor are facing more and more with new alternatives like Godzilla loader, stealers, miners and plenty other kinds of malware with this developed feature as an option.... » read more

Let’s nuke Megumin Trojan
Let’s nuke Megumin Trojan

When you are a big fan of the Konosuba franchise, you are a bit curious when you spot a malware called "Megumin Trojan" (Written in C++) on some selling forums and into some results of sandbox submissions. Before some speculation about when this malware has appeared, this one is not recent and there are some... » read more