5hidobu
  • AKIRA RANSOMWARE - Tetsuo inside the wires

    The new version of the Akira ransomware introduces significant improvements compared to 2023, with a 60% increase in reported activity in 2025.

    Posted on December 23, 2025

    THE AKIRA RANSOMWARE (new version). The post about the older (first) version can be found here. Read the research below, where you can find a brief overview and an attached PDF. Log deletion to hide traces, advanced string obfuscation, and stronger encryption keys: these are the updates that confirm Akira’s evolution towards greater...
  • Dissect Packed Malware 101

    Understand how packers compress or encrypt malicious code to conceal its true functionality and bypass detection.

    Posted on July 21, 2025

  • PEBby Injector

    How malware can retrieve the base address of loaded modules in order to resolve specific functions.

    Posted on December 3, 2024

  • Lotus Blossom Dropper

    Code analysis of a dropper developed and deployed during espionage campaigns by Chinese nexus threat group Lotus Blossom.

    Posted on July 5, 2024

  • AMSI bypuss 0x3

    This technique achieves another AMSI bypass via hardware breakpoints. How can we detect this kind of technique? Keep reading.

    Posted on January 3, 2024


5hid  •  2026  •  5hBlog.com
