Malicious DLL Analysis

Michael Koczwara
Feb 20, 2023

Static/Dynamic Analysis and Reversing

I will be back soon


Right, so again I will keep this intro very short. I have scanned (again) malicious infrastructure (maybe Threat Actors, maybe Red Teams, or maybe …) and I was able to find (again) an open directory with a bunch of interesting files (malicious DLLs and Sliver implants).

opendir and sliver implants

Malicious IP hosting Sliver implants and DLLs.


Obviously, I dumped all the files into VT.

VT analysis