Fatah Hashim is a member of the VX Engineering Security Research Group. He served in the cyber military sector in Malaysia Ministry of Defence (MINDEF) during his previous work and is now employed as a malware analyst in the national cybersecurity specialist agency. Specializing in offensive and defensive security software research, analysis, and development. His professional career and research interests focus on countering adversaries, malware research, reverse code engineering, and Red-Blue Teaming.
MALWARE ANALYST
Identify, examine and understand the nature, behaviour and potential impact of malicious software (malware).
Analyze suspicious files, URLs, and network traffic to identify and classify malware threats.
Reverse engineer malware samples to understand their functionality, behavior, and potential impact.
Develop and maintain tools and scripts to automate malware analysis processes.
Collaborate with other security analysts and incident responders to investigate and mitigate malware incidents.
Assist in conducting training sessions for clients and internal teams on malware detection and response techniques.
Provide on-site support and services to clients, including malware incident response and forensic analysis.
Manage and respond to malware alerts generated by Endpoint Detection and Response (EDR) platforms.
Stay up-to-date with the latest malware trends, techniques, and tools.
Assist in developing and implementing strategies to improve the detection and prevention of malware attacks.
Document analysis findings and produce detailed reports for internal and external stakeholders.
Provide technical support and guidance to clients and internal teams on malware-related issues.
SECURITY RESEARCHER
Involved in a series of undisclosed projects due to their business sensitivity.
Identify any early threats that may be used maliciously against the business.
Provide prompt actions and consultations to the client/business partner to ensure early mitigation could be in placed before any incident.
Ransom.Free.Kill, Free Ransomware Decryptors, 17 May 2025. [WEBSITE]
cryptix_macros and cryptix_1988. Compile-Time String Encryption & Obfuscation Framework for Rust. Jun, 2025. [WEBSITE]
Workshop part 3: Intel x86/x86-x64 Assembly, RE:HACK Video Series, Jan 5, 2024. [VIDEO]
Workshop part 2: Intel x86/x86-x64 Assembly, RE:HACK Video Series, Jan 3, 2024. [VIDEO]
Workshop part 1: Intel x86/x86-x64 Assembly, RE:HACK Video Series, Dec 30, 2023. [VIDEO] [SLIDE]
Spear-Phishing Stealer Targeting Me: HSBC E-Mail Analysis, MAV-2024-003, Sep 25, 2023. [PDF]
Fileless Rozena With Cobalt Strike Loader Analysis, MAV-2024-002, Oct 29, 2024. [PDF]
FlawedAmmy RAT - Remote Access Trojan with Flawed Encryption and Persistence, MAV-2024-001, Oct 27, 2024. [PDF]
(Q4 of 2025) Practical Malware Analysis & Software Reverse Engineering Training, Parallel Pulse(Defensive Conference), Kuala Lumpur, Malaysia, 2025. [WEBSITE]
(Q4 of 2025) Rust Artifacts Development Essential for Red Team Operator, Malaysia Cybersecurity Camp (MCC), Trainer, 2025. [WEBSITE]
SherpaCTF, DELL, Challenge Creator (Reverse-Engineering Category), 2024. [WEBSITE]
CTF BlackBerry CCoE, Malaysia, Challenge Creator (Reverse-Engineering Category), 2025. [WEBSITE]
RTO – The Art Of Hacking, Attacks & Techniques, Boot-camp Trainer, National Defence University of Malaysia, Military Institution(UPNM), 2024.
Workshop Reverse Engineering AND Speedhack Challenge, Malaysia Cybersecurity Camp (MCC) 2024, Trainer Assistant, 2024. [WEBSITE]
Global Cybersecurity Camp (GCC) Singapore – Malaysia Representative, Participants, 2023. [WEBSITE]
Malaysia Cybersecurity Camp (MCC) First Edition, Participants, 2022. [WEBSITE]
Antivirus Engine Bypass: Static / Dynamic Evasion, SherpaSec, Speaker, 2024.
Assembly Language Programming Windows x86/x64, Speaker, UTeM & GMI, 2023.
Workshop x86 Disassembly and Advanced Static Analysis, Universiti Teknologi MARA (UiTM), Trainer, 2024.
TVET@KKDW, Project: Web-based Threat Analysis (4Intel), Booth Presenter, 2023.
Simulate Open-Source C2 Framework to test detection Cisco Firewall ASA, Defense Services Asia Exhibition & Conference (DSA), Booth Presenter, 2022.
Certified HRD Corp trainer TTT
CyberSEE, CyberEast+, CyberSouth+, GLACY-e and Octopus Projects: The Cyber Games 2025, Ranked 4th with the highest score out of 106 players, Player, Malaysia. [WEBSITE]
4th Place Cydes: Cyber Warzone, Domestic Hacking Competition (CTF) Awards, CTF Player, 2023.
Automating & Tooling Your Own CAN Hacking Tool on a Cheap Car Hacking Adventure LAB AND Firmware Emulation with Qiling Framework, Siber Siaga Deep Technical Labs Session, KLCC Convention Centre, 2023. [WEBSITE]