
Heat-Miser/tinynuke-toolset


tinynuke-toolset

This repository contains a set of tools and scripts I developed to analyze Tinynuke samples sent to French targets since 2018. You'll find the full story here: https://blog.heat-miser.net/posts/tinynuke/

  • Dll extractor: script used to extract the main Tinynuke DLL from the loader
  • ghidra: set of Ghidra scripts that let researchers decode strings and resolve dynamically loaded libraries
  • injects and DLL grabber: a Python script that can talk to a Tinynuke C2 to grab web injects and DLLs
  • miasm: old CEA Sec miasm scripts used to decode and grab the C2 config from the Tinynuke DLL sent by the C2

You'll find dedicated READMEs with how-to examples in the individual directories.

These tools have been tested on the following sample (you can unpack it using InnoExtract)

About

Set of tools to analyze Tinynuke samples
