Malware Analysis - Unpacking Locky with VirtualAlloc - - vimore.org

YouTube

A quick showcase of unpacking a Locky ransomware sample. Sidenote: My fear of accidental execution is that it will encrypt the OllyDbg files which I still need to show the unpacking. Of course this is a VM. Do not ever get the idea to try this on your main system. X) OllyDbg: http://www.ollydbg.de/ HxD: https://mh-nexus.de/en/hxd/ Locky: https://www.hybrid-analysis.com/sample/49a48d4ff1b7973e55d5838f20107620ed808851231256bb94c85f6c80b8ebfc?environmentId=100

Three and a half ways to unpack malware using Ollydbg

Here I demonstrate to you three (and a half!) ways to unpack malware. Malware is often packed for the purpose of AntiVirus and Analysis evasion, therefore it is

BSidesSF 2017 - Bypassing malware analysis sandboxes is easy, ... (Michael Gough)

Bypassing malware analysis sandboxes is easy, let’s discuss how they are doing it and why it works Have you ever received a piece of malware and wanted to know

The Lock with no Key | Locky Ransomware

Locky is a sneaky piece of ransomware that downloads itself through a .js file and avoids analysis by not revealing its payload in sandboxed environments. As us

How I Set Up My Virtual Machines

http://malwareup.org A week or so ago someone asked me if I could show how to avoid infecting yourself when testing malware in a virtual machine, so instead of

Locky Ransomware Demonstration

http://malwareup.org For a more in depth analysis: http://www.bleepingcomputer.com/news/security/the-locky-ransomware-encrypts-local-files-and-unmapped-network-

Wireshark Advanced Malware Traffic Analysis

Please check out my Udemy courses! Coupon code applied to the following links.... https://www.udemy.com/hands-on-penetration-testing-labs-30/?couponCode=NINE99

Reverse Engineering Malware - String Obfuscation

Better understanding on what strings do even through some anti-debug, anti-analysis malware due to the portability of some functions.

Malware Analysis - Unpacking with HxD and Python

This video shows that some packed files can be unpacked using only a hexeditor (HxD) and a scripting language (Python 2.7). HxD: https://mh-nexus.de/en/hxd/ Py

UPX Easily Unpacked All Versions

This video demonstrates the weakness in the UPX exe packer/protector that allows it to be easily unpacked within seconds by an experienced reverser. Please not

Malware Theory - Portable Executable Resources

Previous video, Basic PE Structure: https://www.youtube.com/watch?v=l6GjU8fm8sM Follow me on Twitter: https://twitter.com/struppigel

Malware Analysis - Macro Malware Analysis

Macro extraction and deobfuscation using oletools and MS Excel. Follow me on Twitter: https://twitter.com/struppigel oletools: https://www.decalage.info/python

TekTip ep1 - Basic Dynamic Malware Analysis

Welcome to the first TekTip episode from TekDefense.com. In this episode we talk about and demo basic dynamic malware analysis. Tools we leveraged here includ

Locky in Action

Quick and dirty Locky infection. Infection through Winword macro.

How to Reverse Engineer a software using Ollydbg.

Bypass copy protection software using Ollydbg in order to use the product without extending the trial duration. Educational purpose only.

Ask An Analyst - How did I get Into Malware Analysis?

1. How did you get into malware analysis? 0:16 2. What disassembler do you recommend for a newbie? 4:09 x64dbg: https://x64dbg.com

Malware Analysis - Generic Unpacking

Beginner tutorial about unpacking Portable Executable files. For trying this yourself, any UPX packed file will do the job. Get UPX from here: http://upx.source

Five Awesome Tools to perform Behavioural Analysis of Malware

Here I show you 5 of my favourite tools to use for behavioural analysis. They are: 1. Process Hacker (http://processhacker.sourceforge.net/) 2. Process Monitor

Malware Analysis - HolyCrypt and PowerWare Ransomware

We analyse two ransomware families that made it into the news this week, one .NET assembly that executes a PowerShell script and one Portable Executable that wa

Malware Analysis - Code Injection via CreateRemoteThread & WriteProcessMemory

We take a look into the malware Gatak which uses WriteProcessMemory and CreateRemoteThread to inject code into rundll32.exe. Many thanks to @_jsoo_ for providin

automated malware analysis with cuckoo

Setup and configuration of Cuckoo framework on Linux, to automate the malware analysis process. You need to install the following as prerequisites. 1. Install
