Arrbat/README.md

Hi there👋🏼

I'm a Malware Analyst focused on reverse engineering, detection engineering, and practical malware research.

I work on real samples, write reports, extract IOCs, map behavior to MITRE ATT&CK, and build tools and scripts when analysis benefits from automation.

What I focus on

  • Malware analysis and reverse engineering of Windows, Linux, and script-based threats
  • Anti-analysis, obfuscation, unpacking, and deobfuscation
  • Detection engineering with YARA, Sigma, IOCs, and ATT&CK mapping
  • Tooling and automation in C/C++ and Python for analysis workflows

Selected work

  • BlackCat / ALPHV Research — longitudinal technical analysis of BlackCat ransomware across 2021–2023.
    Static, dynamic, and partial reverse engineering of Windows PE, Linux ELF, and PowerShell samples; cryptographic analysis; behavior analysis; infrastructure and victimology overview; defensive implications and detection priorities. (link)

  • Malware Reports / Writeups — analysis reports covering sample behavior, IOCs, ATT&CK mapping, and detection logic.
    Includes detection-oriented outputs such as YARA and Sigma rules where applicable. (link)

  • PE Packer Research — a research project focused on evasion and anti-analysis techniques.
    Includes custom cryptography, anti-debugging, and process hollowing. (link to Veil-Forge)

  • Analysis Tooling — small utilities and scripts for malware triage, deobfuscation, and network IOC extraction.
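As an added example (not code from Arrbat's repositories), here is a small Python triage utility of the kind described under Analysis Tooling: it refangs an analyst note, pulls out URLs, domains, IPv4 addresses and file hashes, and filters lab-network noise and allowlisted domains before the indicators are pasted into a blocklist or a YARA/Sigma rule. The sample note, the allowlist, the file-extension list and the noise ranges are all constructed for the example.

```python
"""Extract and normalise network IOCs from a malware analysis note.

Added example, not part of the Arrbat repositories. Input, allowlist and
noise ranges below are constructed for illustration.
"""
import ipaddress
import re
from urllib.parse import urlsplit

# Constructed sample: defanged indicators, a lab-internal IP, a Windows path,
# a version string that looks like an IP, and an allowlisted domain.
SAMPLE_NOTE = """
Stage-2 loader beacons to hxxp://update-cdn[.]example-malware[.]net/gate.php
and falls back to 203[.]0[.]113[.]45:8443. It also resolves 10.0.0.5 (lab DNS)
and loads C:\\Windows\\System32\\kernel32.dll (version 10.0.19041.1).
Dropped payload sha256: 9f786850e387550fdab836ed7e6dc881de23001b1ddd1a9d57a7d9e4a5bb6e9f
Strings also reference example.com, which is on the allowlist.
"""

# Ranges that are noise in a report (lab network, loopback, link-local, multicast).
# RFC 5737 documentation space (203.0.113.0/24) is deliberately kept, because the
# constructed sample uses it as the stand-in for a real C2 address.
NOISE_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4", "255.255.255.255/32",
)]
ALLOWLIST_DOMAINS = {"example.com", "microsoft.com", "windowsupdate.com"}  # constructed
FILE_EXTENSIONS = {"dll", "exe", "php", "js", "html", "txt", "ps1", "bat", "sys"}

URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
DOMAIN_RE = re.compile(r"\b(?:[a-z0-9-]+\.)+[a-z]{2,}\b", re.IGNORECASE)
# Longest alternative first so a SHA-256 is not reported as a shorter hash.
HASH_RE = re.compile(r"\b(?:[a-f0-9]{64}|[a-f0-9]{40}|[a-f0-9]{32})\b", re.IGNORECASE)


def refang(text: str) -> str:
    """Undo common defanging (hxxp, [.], [:]) so the regexes see real indicators."""
    text = re.sub(r"hxxp", "http", text, flags=re.IGNORECASE)
    text = re.sub(r"\[\.\]|\(\.\)|\{\.\}|\[dot\]", ".", text, flags=re.IGNORECASE)
    text = re.sub(r"\[:\]|\[://\]", lambda m: m.group(0)[1:-1], text)
    return text


def is_noise_ip(ip: str) -> bool:
    """True for lab/loopback ranges and for dotted strings that are not valid IPs."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:  # e.g. an octet > 255 from a version string
        return True
    return any(addr in net for net in NOISE_NETWORKS)


def is_noise_domain(domain: str) -> bool:
    """Drop file names (kernel32.dll) and the allowlist, including subdomains."""
    labels = domain.lower().split(".")
    if labels[-1] in FILE_EXTENSIONS:
        return True
    return any(".".join(labels[i:]) in ALLOWLIST_DOMAINS for i in range(len(labels) - 1))


def extract_iocs(text: str) -> dict:
    """Return sorted, deduplicated IOCs grouped by type."""
    text = refang(text)
    urls = {u.rstrip(".,;)]'\"") for u in URL_RE.findall(text)}
    hosts = set(DOMAIN_RE.findall(text))
    for url in urls:  # hostnames inside URLs count as domain IOCs too
        host = urlsplit(url).hostname
        if host:
            hosts.add(host)
    ips = {ip for ip in IPV4_RE.findall(text) if not is_noise_ip(ip)}
    domains = {h.lower() for h in hosts
               if not IPV4_RE.fullmatch(h) and not is_noise_domain(h)}
    hashes = [h.lower() for h in HASH_RE.findall(text)]
    return {
        "urls": sorted(urls),
        "domains": sorted(domains),
        "ipv4": sorted(ips),
        "md5": sorted(h for h in hashes if len(h) == 32),
        "sha1": sorted(h for h in hashes if len(h) == 40),
        "sha256": sorted(h for h in hashes if len(h) == 64),
    }


if __name__ == "__main__":
    import json
    print(json.dumps(extract_iocs(SAMPLE_NOTE), indent=2))
```

Run it on a report or sandbox export and the output is ready to become a blocklist, a Sigma `DestinationHostname` list or a YARA hash rule; the noise-range and allowlist filters are where most of the analyst judgement lives, so keep them as data rather than hard-coding them into the regexes.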

Skills

  • Reverse engineering: Binary Ninja, Ghidra, x64dbg / x32dbg, x86 / x64
  • Languages: C / C++, Python
  • Malware triage: Procmon, FakeNet, Wireshark, Sandboxes, Threat Vendors
  • Detection: YARA, Sigma, IOC extraction, MITRE ATT&CK
  • Crypto: ChaCha20-Poly1305, RSA, HKDF, SHA-256, applied cryptography
  • Other: unpacking, obfuscation analysis, deobfuscation scripting

Languages

  • Ukrainian — Native
  • Russian — Native
  • English — B2
  • Polish — B1

Contact

Pinned repositories

  1. Veil-Forge (Public, C)
     CLI tool for shielding your app from static and dynamic analysis.

  2. MALWARE_ANALYSIS (Public, YARA)
     Repository describing the behavior of malware samples in detailed reports. Where needed, custom YARA (or other) rules, scripts, etc. are included.

  3. CTF_AND_CRACKMES_WRITEUPS (Public, Python)
     Writeups on solved crackmes and CTF challenges. Custom scripts, rules, and the different goals of the writeups are presented.