I was browsing through Malware Bazaar and came across a Win32 Binary that hadn’t been tagged with anything specific, which piqued my interest it it
For some reason, and I’m assuming it has something to do with licensing, Microsoft doesn’t actually provide an official “MSBuild” Docker image. However, they do provide a really simple 5-step process to build one yourself. Generally this wouldn’t be an issue at all; however, there are some quirks in the GitLab CI workflow that don’t actually allow you to build and use a Dockerfile in a pipeline; it has to be pulled from a registry or a local image. I’ll cover both scenarios in this post.
I don’t know about you, but I personally have around 30+ projects I’m pulling and building off various version control platforms, and it is a very tiresome process.
Boot build VM -> git pull -> whatever sorcery is involved with getting it built -> deploy built artifacts and archive them -> rinse and repeat.
An analysis of a Trojan.Downloader I recently pulled out from one of my honeypots, which led to an interesting find.
Someone was caught with their hand in the (honey)pot!
A look over a Trojan.Downloader I came across on VirusTotal Intelligence. Turned out to be a file hiding more secrets than a wife hiding an affair!