/tags/malware-analysis/Recent content in malware-analysis on juliangrtz.meHugo -- gohugo.ioen-uscontact@juliangrtz.me (juliangrtz)contact@juliangrtz.me (juliangrtz)Wed, 17 Jun 2026 00:00:00 +0000/2026/06/17/fake_re9_mod/Wed, 17 Jun 2026 00:00:00 +0000contact@juliangrtz.me (juliangrtz)/2026/06/17/fake_re9_mod/This is a write-up about a real compromise of my Windows 11 PC. I usually write about reverse engineering from the comfortable side of the table: crackmes, iOS reversing tricks, anti-debugging, decompilers, Frida, IDA, that kind of stuff. This time the target was not a crackme and the sample was not something I downloaded from MalwareBazaar for fun. I installed what looked like a harmless REFramework / Resident Evil 9 mod on GitHub and ended up with a professionally crafted, staged infostealer/RAT infection that had been running on my host for about two weeks.