hello. my name is resetti, i love hacking, i love to exploit shit, i love malware analysis, and i love threat intelligence.
i'm a simple guy. and you should follow me on twitter
what is this?
this is my blog dedicated to writeups and notes, whether that be reverse engineering an iot camera, or analysing some new malware, i'll be writing all about it here. stay tuned for more.
WeedHack Stealer: A new stealer targeting Minecraft users
Recently, I came across a lot of new .jar malware which seems to be a rebranded version of another .jar malware known as “Majanito”, developed by a threat actor under the same name. After the rebrand and a change in ownership, the stealer was renamed to “WeedHack” and was subsequently set up as a MaaS for sale. They provide a free and paid payload, the latter including more features and spying functionality such as a keylogger, webcam viewer, and screensharing. I’ve also written a basic tool to remove WeedHack.
Setting up & Configuring GhidraMCP - Using AI for quick Malware Analysis
A while back, I came across an awesome video by LaurieWired which was talking about GhidraMCP, which is essentially an MCP (Model Context Protocol) designed for use with Ghidra. In this blog I will walk through the setup and use of this program!
Analysing Piolin, a modified version of Ploutus, and (kind-of) undocumented ATM Malware Sample
Once again, while gathering new ATM Malware resources for some study time, I came across a (kind-of) undocumented sample of Piolin which I got from the Global ATM Malware Wall. So once again, let’s document it!
Analysing ATMWizX, an undocumented ATM Malware Sample
While gathering new ATM Malware resources for some study time, I came across an undocumented sample of ATMWizX which I got from the Global ATM Malware Wall. Let’s document it!
Uncovering a Palestinian & French Stealer Campaign
An interesting file was dropped in a Telegram channel I was a part of with the message “i will be using my private stealer for #opisrael, message me to help it spread”. This blog shows the world of Stealer-as-a-Service markets, and political hacktivism within Telegram against Israel, and a very noisy piece of malware!
Reverse Engineering Notes
This is just a page of notes and important things for me to remember while learning Reverse Engineering
WhiteSnake Malware Analysis
Binary Exploitation Challenge Writeups
This is just a page of writeups I have done for Binary Exploitation Challenges
Binary Exploitation Notes
This is just a page of notes and important things for me to remember while learning Binary Exploitation
Architecture 1001: x86-64 Assembly Notes
This is just a page of notes and important things for me to remember while going through the “Architecture 1001: x86-64 Assembly” Course.
First writeup: Reversing a “Game Cheat” ;)
One day I was chilling on Telegram, when someone who shared a group with me decided to mass spread some leaked game cheats & other tools! Let's take a look and see if they are what they say they are…