July 31, 2022 in Archaeology, Clustering, File Formats ZOO
Writing your own sandbox has many advantages – the most important is the ability to collect data that only large companies have. Analysing many samples gives us a unique insight into coding patterns, and one of them is the simple laziness of coders who often leverage OS programs/commands to achieve their goals. Today, with EDR all over the place, many sandboxing services available online, and an admirable tendency of everyone to finally share this data openly, it only makes sense to make my obsolete data public.
Here’s a snapshot of some of the malicious commands I ‘logged’ in the past.