marc ochsenmeier

#Malware Analyst | Bosch CERT | Author of #pestudio

https://twitter.com/ochsenmeier

#pestudio 9.58 now available with the following changes:
. Fix an issue when fetching the VirusTotal report
. Fix a bug when detecting libraries
. Extend indicators
#Malware #Ransomware #infosecurity #dfir

#pestudio 9.56 now available http://www.winitor.com with the following changes:
. Toggle DLL <> EXE (file-header)
. Assign new entry-point
. Extend certificate detection
. Dump sections...
#malware #dfir #infosec

#pestudio to start #malware initial assessment.
#MITRE #infosec #Ransomware

#pestudio 9.55 now available http://winitor.com with the following changes:
. Add groups collection
. Reduce CPU consumption
. Fix bugs
#Malware #Ransomware #DFIR #infosec

#pestudio analyses an executable and provides an overview of the @mitreattack techniques detected. #Malware Medusa #Ransomware

When handling a .NET executable file, #pestudio enumerates references to managed & unmanaged libraries. #malware #dfir #infosec

Update of #pestudio in a few days, to ease #Malware Initial Assessment. #Ransomware #infosecurity

Update of #pestudio soon, to add Libraries groups in order to accelerate #Malware Initial Assessment.
#Ransomware #infosec #dfir

Some #malware puts the majority of its functionality into Delay-loaded libraries (functions).
#Ransomware #infosec #DFIR