Malware Analysis
Static & dynamic analysis of PE, scripts, and fileless threats.
Cyber Threat Intelligence
iron defence
Malware Analyst / CTI Researcher
Tracking adversaries. Dissecting malware. Publishing open-source threat intelligence to help defenders stay ahead.
01 / About
Analyst Profile
Security researcher focused on understanding the adversary: how malware operates, how campaigns are structured, and how threat actors evolve their tradecraft over time.
Every report published here is the result of hands-on reverse engineering, sandbox analysis, and OSINT research. Technical findings are translated into actionable intelligence.
// No vendor hype. No marketing fluff. Just raw analysis.
Malware Samples analyzed
IOC Sets published
YARA Rules written
Threat Hunting
Proactive hunting across telemetry using ATT&CK framework TTPs.
CTI Production
Structured threat reports, IOC extraction, and actor profiling.
OSINT Research
Open-source intelligence gathering and infrastructure tracking.
02 / Reports
Threat Intelligence
Each report documents a real-world malware sample or campaign from initial triage through full reverse engineering. IOCs, YARA rules and ATT&CK TTPs are included.
CVE-2026-21509 | Campaign analysis and COM abuse chain
English edition of the report covering CVE-2026-21509 exploitation and Covenant Grunt delivery.
Read report >When a Browser Becomes an Implant: StreamerApp - a new tool in Laundry Bear's arsenal
Analysis of the StreamerApp variant in which a CPL applet launches a browser-based implant using Chromium, WebSocket, and Chrome DevTools Protocol.
Read report >Additional malware write-ups in progress
Upcoming reports will extend the archive with new reverse engineering notes and CTI observations.
Read report >