Karsten Hahn

@[email protected]
498 Followers
78 Following
131 Posts
Malware Analyst at G DATA. Ransomware hunter. he/him 🦔🌈🏳️‍⚧️
Karsten HahnMay 7
😂 @rifteyy just pointed me to this gem in the VT comment section for the empty file
https://www.virustotal.com/gui/file/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855/community
Karsten HahnApr 19

New Video: Build your own LLM dynamic analysis lab 🦔🎥

➡️ AI debugs and unpacks with x64dbg
➡️ AI can access powershell terminal

https://www.youtube.com/watch?v=QrWzRgPsyTE

Build your own AI based Dynamic Reversing Lab, x64dbg automate

YouTube
Karsten HahnMar 24

My malware analysis courses have now a new certificate design.

https://malwareanalysis-for-hedgehogs.learnworlds.com/courses

Karsten HahnMar 23

Added a task for the SugarSMP spark stealer sample to samplepedia

https://samplepedia.cc/sample/060ed0ec27a0a4ad7b55425ed56d8ef0c55aa61b499d4884d1679f18d518ddf3/89/

Karsten HahnMar 17

I wrote an article about SugarSMP Minecraft scams, Spark stealer, extortion and hacked accounts.

After a brief contact to the threat actor, we talked to two victims and followed the trail.

Analysis in collaboration with @rifteyy
#GDATATechblog #GDATA
https://blog.gdatasoftware.com/2026/03/38390-minecraft-mod-sugarsmp-malware

Minecraft: SugarSMP's Dark Tale of Scams, Malware & Extortion

Some Minecraft players were looking for safe haven away from griefers, but found an elaborate web of malware, deception and extortion.

Karsten HahnMar 15
🦔 📹 Video: Building your own AI Malware Analysis Lab
➡️ old system, 16 GB RAM
➡️ using Remnux
#MalwareAnalysisForHedgehogs #LLM
https://www.youtube.com/watch?v=YOduz8VIvvw
Build your own AI Malware Analysis Lab with Remnux

YouTube
Show threadKarsten HahnMar 7

Sample: https://samplepedia.cc/sample/49660527c1c910ad2d3c5625c1b44682e465e45b65883dfc8d7d229d1bd0ebd8/87/

Related tweet: https://x.com/struppigel/status/2027765529600016471

PKG tool: https://github.com/struppigel/hedgehog-tools/tree/main/PKG

49660527c1c910ad2d3c5625c1b44682e465e45b65883dfc8d7d229d1bd0ebd8

Karsten HahnMar 7

🦔 📹 New video: NodeJs analysis when deobfuscator fails
➡️ #MythJs stealer sample
➡️ pkg VFS exploration tool
➡️ js-confuser

#MalwareAnalysisForHedgehogs
https://www.youtube.com/watch?v=gtLqrjsGRmQ

Malware Analysis - Deobfuscating NodeJs pkg packed stealer MythJs

YouTube
Karsten HahnMar 3

New blog: Using LLMs the right way for malware analysis

💡Tips for building an autonomous AI analysis lab on a 12 yo laptop and getting stuff done faster without loss of accuracy.

https://blog.gdatasoftware.com/2026/03/38381-llm-malware-analysis

Show threadKarsten HahnFeb 28
@xorhex Everyone can view solutions and tasks but only after login you can create a solution.
So yes, you can share links to solutions for others who don't have an account, if that's your question.