Extract Shellcode from Fileless Malware like a Pro

Here I demonstrate how to extract shellcode from the context of a malicious Word doc which uses VBA to inject shellcode into the memory space of a victim process. This code injection is executed solely in memory and is therefore considered 'fileless', as it never touches the disk. The good news for the bad guys here is that conventional detection mechanisms will struggle with this kind of activity. The bad news for the bad guys is that the malware only persists in memory and therefore dies with a reboot. This is a super interesting technique for executing malware.

I demonstrate how to extract the shellcode and convert it into a 'usable' executable for the purposes of further analysis, then take a step further with you down the rabbit-hole and show how to debug such shellcode using x64dbg. Additionally, I show how you can actually identify the shellcode's origin and its true intention using some basic OSINT, and how to step through and extract relevant network indicators for the purpose of protecting your environment against such malicious traffic.

MD5 of the sample discussed: da6cc46575a6bc74509155b5f2657577

Enjoy the video - you can follow me on https://twitter.com/cybercdh and also don't forget to subscribe to my channel :)


