Three and a half ways to unpack malware using Ollydbg - vimore.org

YouTube

Here I demonstrate to you three (and a half!) ways to unpack malware. Malware is often packed for the purpose of anti-virus and analysis evasion, so it is super useful to know how to dump malware in its unpacked form. First I demonstrate how to unpack using UPX (which is cheating, right!), then I show you the following three manual methods:

1. Eyeballing the tail jump
2. Using a hardware breakpoint on the stack
3. Pre-empting the use of GetModuleHandleA

This enables us to dump the malware in its unpacked form so we can rebuild the headers using Scylla and then perform some more advanced behavioural / static analysis.

Tools used:
Ollydbg - http://www.ollydbg.de/
Scylla - https://github.com/NtQuery/Scylla
Process Hacker - http://processhacker.sourceforge.net/

MD5 of the sample analysed: 91208451ef36dfda1fa00444abc95808

Hope this is useful :) Feel free to submit your comments and questions, and don't forget to subscribe to my channel and follow me here: https://twitter.com/cybercdh


