How To Defeat Anti-VM and Anti-Debug Packers With IDA Pro - vimore.org

How To Defeat Anti-VM and Anti-Debug Packers With IDA Pro


YouTube

Open Analysis Live! We use IDA Pro and the debugger to unpack a Loki malware sample from a packer that has a ton of anti-analysis, anti-debug, and anti-VM tricks.

The original sample from Malware Traffic Analysis: http://www.malware-traffic-analysis.net/2017/11/16/index.html
The hybrid-analysis sandbox run: https://www.hybrid-analysis.com/sample/8a3e6b18b0532c63b3e7eda71e6962f5128c2be9e8f52a817bd90d701852473a?environmentId=100
Two excellent manuals for understanding anti-analysis tricks (PDF):
http://anti-reversing.com/Downloads/Anti-Reversing/The_Ultimate_Anti-Reversing_Reference.pdf
https://www.blackhat.com/presentations/bh-usa-07/Yason/Whitepaper/bh-usa-07-yason-WP.pdf
The unpacked sample: https://www.hybrid-analysis.com/sample/4447d464723e1276756f03fc7a77b3d99ea379d5decbc6d78478aad4c498e2ac?environmentId=100
LordPE ... old school cool : )) https://www.aldeid.com/wiki/LordPE

We are always looking for feedback: what did you like, what do you want to see more of, what do you want to see us analyze next? Let us know on twitter: https://twitter.com/herrcore https://twitter.com/seanmw

As always, check out our tools, tutorials, and more content over at http://www.openanalysis.net

P.S. @BinaryAdventure has created an excellent tutorial demonstrating the same technique but using OllyDbg! Check it out: https://youtu.be/g_fziRrG_Aw



IDA Pro Malware Analysis Tips

Open Analysis Live! A few tips and tricks to help you analyze malware with IDA Pro. PE Mapped Virtual Address vs. Offset In Binary File: 02:55 IDA Pro Layout T

YouTube

Unpacking Themida 2.x 64bit … Without Actually Unpacking - REDUX!

Open Analysis Live! In this tutorial we show how to unpack a Themida 2.x 64bit PE file.... kind of : ) Instead of attacking the Themida protection directly we w

YouTube

DEF CON 23 - Chris Domas - Repsych: Psychological Warfare in Reverse Engineering

Your precious 0-day? That meticulously crafted exploit? The perfect foothold? At some point, they'll be captured, dissected, and put on display. Reverse enginee

YouTube

Analyzing Adwind / JRAT Java Malware

Open Analysis Live! We analyze Adwind / JRAT malware using x64dbg and Java ByteCode Viewer. This was a subscriber request asking us to take a closer look at Adw

YouTube

Unpacking the Packed Unpacker: Reverse Engineering an Android Anti-Analysis Native Library

I will discuss each of the techniques the malware author used in order to prevent reverse engineering of their Android native library including manipulating the

YouTube

IDA Pro: searching for HEX values in games

5:36 I apologise, Fraps dropped ~22 seconds of video ((. At that point I was saying that you need to check every situation, but you can skip similar

YouTube

How to use x64dbg debugger ( x64dbg quick tut ) | Using x64 dbg on Windows 10

x64dbg debugger reverse engineering tutorial + how to hack software | Hack & protect software from cracking [Series] Subsc

YouTube

Overcome Self-Defending Malware - Tools, Techniques and Lab Setup

Here I demonstrate how to overcome a simple self-defence tactic that some malware samples commonly utilise to target their victims and prevent sandbox / VM anal

YouTube

Manual Unpacking VMProtect v.2.07 Tutorial

Manual Unpacking VMProtect v.2.07 Tutorial. The working script used in this tutorial: http://www9.zippyshare.com/v/kmYPTWRe/file.html

YouTube

Automating Debugging in WinDbg

You will see a practical demonstration of automating labour-intensive tasks when working with the WinDbg debugger. Attendees will gain practical skills in developing scripts with

YouTube

Five Awesome Tools to perform Behavioural Analysis of Malware

Here I show you 5 of my favourite tools to use for behavioural analysis. They are: 1. Process Hacker (http://processhacker.sourceforge.net/) 2. Process Monitor

YouTube

x86 In-Depth 4: Labeling Structs Properly in IDA Pro

In this video we demonstrate how to properly label C-Style structs in IDA Pro using our example program.

YouTube

Introduction to Reverse Engineering | Ollydbg Tutorial

An introduction to Reverse Engineering, a behind the scenes of malware analysis, and using tools like Ollydbg. As a practical example we'll be looking into the

YouTube

How to crack Filmora and remove the trial limitations using x64dbg

How to remove the trial limitations from Filmora - pop-up registration nags and video watermark http://morituri.co.nf/

YouTube

Unpacking Bokbot / IcedID Malware - Part 1

We demonstrate how to unpack the first two stages of Bokbot / IcedID malware with x64dbg, PeBear, and IDA Pro. Original sample: 0ca2971ffedf

YouTube

Sandbox Tricks For Faster Reverse Engineering

Open Analysis Live! A quick tutorial on mapping output from your sandbox with disassembled code in IDA. How to quickly match API calls and locate interesting co

YouTube

Real-world Decompilation with IDA Pro - Part 1: Introduction

This video is part 1 of a short series of tutorials to show how you can get started reverse engineering a large, real-world program by decompiling it with IDA P

YouTube

Analyze JavaScript and VBScript Malware With x64dbg Debugger and API Hooking

Open Analysis Live! The fastest way to analyze JavaScript and VBScript malware is by using a debugger to hook API calls. In this tutorial we demonstrate this te

YouTube

User submitted program reverse in OLLYDBG

In this video we analyze a user submitted program and we reverse engineer it to work as if it was activated. We accomplish this by applying some of the techniqu

YouTube