Finally, my research on Gracewire and a P2P malware that used the same VFS.
https://blog.codsec.com/posts/malware/gracewire_adventure/
https://github.com/y0ug/gracewire_research/
After so long, it took way more time than expected to compile my notes and scripts.
A lot of Python scripts, some @qiling too.
@RolfRolles@twitter.com's post https://www.msreverseengineering.com/blog/2021/3/2/an-exhaustively-analyzed-idb-for-flawedgrace was a lifesaver, thank you.
#malware #malwareanalysis #threatintel #qiling #gracewire #flawedgrace