Lightnews — Scholar-powered news

Malcat dev @malcat4ever.bsky.social · 8h

#kesakode updated to 1.0.42:

* New entries: Brickstorm, Butoflex, Ladvix, NetStar, Pantegana, Tendyron, Tsunamikit and VampireBot

* Updated entries: AuraStealer, Latrodectus, NightshadeC2 and QNAPCrypt

* 33275 new clean programs whitelisted

* FP-fixed signatures: 1028

Malcat dev @malcat4ever.bsky.social · 7d

#Kesakode updated to 1.0.41:

Malware signatures:
* New malware entries: 14
* Updated malware entries: 16
* FP-fixed signatures: 1340

Files:
* 33 new malicious samples
* 52010 new clean programs

Database:
* 13093705 new unique functions
* 7778950 new unique strings

Malcat dev @malcat4ever.bsky.social · 21d

#Malcat version 0.9.11 has been released, with support for ARM and Mach-O program analysis.
More details below:
malcat.fr/blog/0911-is...

0.9.11 is out: ARM and MachO analysis

Malcat version 0.9.11 is out! With this release, Malcat is now able to analyse MacOS programs. That means: addition of Armv7, Armv8 and Aarch64 disassemblers and decompilers as well as MachO, DMG and...

malcat.fr

1

Malcat dev @malcat4ever.bsky.social · 26d

#Malcat tip #10: analysing backdoored clean software can be hard.
A quick win is to pivot around known constants, thanks to Malcat's 400k+ constants DB (here a #Tropidoor dlder):

1

Reposted by Malcat dev

Invoke RE @invokereversing.bsky.social · 28d

Tomorrow at BSides Edmonton! 🔥

1 1

Malcat dev @malcat4ever.bsky.social · 29d

Updated #Kesakode to 1.0.39:
* New malware entries: HybridPetya, MostereRAT, PhantomStealer, SatanLockV2 and Yurei
* Updated malware entries: 38
* 3285 new library objects seen
* 2622 new clean programs whitelisted
* 905652 new unique functions
* 1330028 new unique strings

Malcat dev @malcat4ever.bsky.social · Sep 18

First steps with #malcat? Here is a tutorial video, courtesy of
@invokereversing.bsky.social :
www.youtube.com/watch?v=gqES...

Malcat : First Steps

YouTube video

www.youtube.com

2 2

Malcat dev @malcat4ever.bsky.social · Sep 12

Updated #kesakode to 1.0.38:

Malware signatures:
* New malware entries: 20 new families
* 564116 new unique functions
* 197608 new unique strings
* 27 new unique constant fingerprints

1

Malcat dev @malcat4ever.bsky.social · Sep 5

Sometimes it looks like #malware, smells like #malware but it's just ... weird:
malcat.fr/blog/get-you...

Get your swimsuit, we're diving into a black SEO scheme

What started like an easy unpacking session to fill a Friday afternoon lead us to a singular black-SEO campaign. Together, we will unravel 4 different malicious loaders written in 4 different programm...

malcat.fr

1

Reposted by Malcat dev

Pasquale Stirparo 🇺🇦 🇪🇺 @pstirparo.bsky.social · Aug 28

TL;DR I am launching my #startup and we are going to change how to evaluate,cluster and reason about #malware, delivering accurate,contextual intelligence on samples. Say Hi to RationalEdge
@rationaledge.bsky.social
rationaledge.io

#threatintel #threathunting #cti #reverseengineering #detection 1/9

RationalEdge - Intelligence Meets Accuracy

Advanced malware analysis and threat intelligence solutions by RationalEdge

rationaledge.io

2 15 25

Reposted by Malcat dev

Invoke RE @invokereversing.bsky.social · Aug 15

We've uploaded our stream from July 28th where we triaged an Emotet infection chain with Renaud from @malcat4ever.bsky.social Enjoy! www.youtube.com/watch?v=xJof...

Triaging Malware with Malcat (Stream - 29/07/2025)

YouTube video by Invoke RE

www.youtube.com

1 1

Malcat dev @malcat4ever.bsky.social · Jul 24

#Kesakode DB has been updated to 1.0.36 !
* 9 new malware families
* 70 extended malware signatures
* 37 new malicious samples in database
* 11440 new library objects seen
* 120k new clean programs whitelisted
* 17M new unique functions
* 3M new unique strings

Malcat dev @malcat4ever.bsky.social · Jul 10

#Kesakode has been updated to 1.0.34!
* 34 new malware entries
* 249 extended malware signatures
* 50 new malicious samples in database
* 58950 new clean programs whitelisted
* 5459056 new unique functions
* 1862336 new unique strings

1

Malcat dev @malcat4ever.bsky.social · Jun 1

Does someone know this #malware, since this is definitely NOT latrodectus. Looks like some Discord-backed infostealer:
bazaar.abuse.ch/sample/85f8c...

Malcat dev @malcat4ever.bsky.social · May 27

You can now check your strings in #malcat against an online library of #Malpedia FLOSSed strings. Just copy this plugin:

github.com/malpedia/mal...

Reposted by Malcat dev

Josh Stroschein | The Cyber Yeti @jstrosch.bsky.social · May 9

🚀 Malcat is a powerful binary file dissector that's essential for Windows and Linux IT-security professionals. As both a feature-rich hexadecimal editor and a disassembler, Malcat offers a comprehensive toolkit for in-depth binary analysis. Check it out 👇

www.youtube.com/live/yzC_539...

Learn How to Dissect Binary Files with the Creator of Malcat!

Malcat is a powerful binary file dissector that's essential for Windows and Linux IT-security professionals. As both a feature-rich hexadecimal editor and a ...

www.youtube.com

1 3

Reposted by Malcat dev

Malcat dev @malcat4ever.bsky.social · May 9

#Malcat 0.9.10 is out! State-of-the-art CFG recovery, MIPS disassembler & decompiler and many UI improvements;

malcat.fr/blog/0910-is...

0.9.10 is out: CFG recovery, MIPS & UI improvements

Malcat version 0.9.10 is out! In this release, we have improved Malcat's CFG recovery algorithm and compared its performances against other reversing software. A new CPU architecture (MIPS) has also b...

malcat.fr

1 2

Malcat dev @malcat4ever.bsky.social · May 9

#Malcat 0.9.10 is out! State-of-the-art CFG recovery, MIPS disassembler & decompiler and many UI improvements;

malcat.fr/blog/0910-is...

0.9.10 is out: CFG recovery, MIPS & UI improvements

Malcat version 0.9.10 is out! In this release, we have improved Malcat's CFG recovery algorithm and compared its performances against other reversing software. A new CPU architecture (MIPS) has also b...

malcat.fr

1 2