A Leader in the 2024 Gartner® Magic Quadrant™ for Endpoint Protection Platforms. Four years running. A Leader in the Gartner® Magic Quadrant™

Read the Report

A Leader in the Gartner® Magic Quadrant™

Experiencing a Breach?
Blog
Contact

English
日本語
Deutsch
Español
Français
Italiano
Dutch
한국어

Get a Demo

Platform Overview
Data & AI
Endpoint Security
Cloud Security
Identity Security
- Singularity Identity Identity Threat Detection
  and Response

Why SentinelOne?

Why SentinelOne?
Compare SentinelOne
Verticals

Strategic Services
- PinnacleOne Strategic Advisory Group
Services Overview
Managed Services
Support, Deployment, & Health

Our Network
Program Overview

Resource Center
View All Resources
Blog
Blog
Tech Resources

About

About SentinelOne

English
日本語
Deutsch
Español
Français
Italiano
Dutch
한국어

Get a Demo

Daniel Bunce

Building A Custom Tool For Shellcode Analysis

From the Front Lines | 6 minute read

Writing Malware Traffic Decrypters For ISFB Ursnif 3 1

Writing Malware Traffic Decrypters for ISFB/Ursnif

Daniel Bunce / October 17, 2019

Daniel Bunce explains how to decrypt traffic between an attacker’s C2 and an endpoint infected with ISFB malware

Writing Malware Configuration Extractors For ISFB Ursnif 3

Writing Malware Configuration Extractors for ISFB/Ursnif

Daniel Bunce / October 10, 2019

Daniel Bunce demonstrating automated IOC extraction using a python script and an example of ISFB/Ursnif malware.

INFO STEALERS HOW MALWARE HACKS PRIVATE USER DATA 1

Info Stealers | How Malware Hacks Private User Data

Daniel Bunce / September 26, 2019

Continuing our free Zero2Hero malware reverse engineering course, Daniel Bunce dives into the details of KPot, Vidar & Raccoon Info Stealers.

Gootkit Banking Trojan Part 3 Retrieving The Final Payload 1

Gootkit Banking Trojan | Part 3: Retrieving the Final Payload

Daniel Bunce / September 5, 2019

Gootkit’s final payload contains multiple Node.js scripts. Join Daniel Bunce as he reverse engineers the malware to take a deeper look at what it delivers.

Copy Of Copy Of Gootkit Banking Trojan Deep Dive Into Anti Analysis Features 1

Security Research

Gootkit Banking Trojan | Part 2: Persistence & Other Capabilities

Daniel Bunce / August 29, 2019

Reverse engineering Gootkit reveals tricks for persistence, self-updating and a kill switch. Join us as we continue our deep dive into this banking malware

Gootkit Banking Trojan Deep Dive Into Anti Analysis Features 1

Gootkit Banking Trojan | Deep Dive into Anti-Analysis Features

Daniel Bunce / August 15, 2019

Gootkit packs plenty of Anti-Analysis features to evade sandboxes, prevent execution in a Virtual Machine, and slow down analysis. Let’s take a dive inside!

Search

Search ...

Sign Up

Get notified when we post new content.

Thanks! Keep an eye out for new content!

Recent Posts

LABScon24 Replay | Farmyard Gossip: The Foreign Footprint in US Agriculture
March 5, 2025
Ghostwriter | New Campaign Targets Ukrainian Government and Belarusian Opposition
February 25, 2025
Censorship as a Service | Leak Reveals Public-Private Collaboration to Monitor Chinese Cyberspace
February 21, 2025

Labs Categories

Crimeware
Security Research
Advanced Persistent Threat
Adversary
LABScon
Security & Intelligence

©2025 SentinelOne, All Rights Reserved.

Privacy Notice Master Subscription Agreement

Company

Our Customers
Why SentinelOne
Platform
About
Partners
Support
Careers
Legal & Compliance
Security & Compliance
Contact Us
Investor Relations

Resources

Blog
Labs
Product Tour
Press
News
FAQ
Resources
Ransomware Anthology

Global Headquarters

444 Castro Street
Suite 400
Mountain View, CA 94041

+1-855-868-3733

[email protected]

Sign Up For Our Newsletter

Thank you! You will now receive our weekly newsletter with all recent blog posts. See you soon!

Language

English
日本語
Deutsch
Español
Français
Italiano
Dutch
한국어