Malware Analysis: Stealer - Mutex Check, Stackstrings, IDA (Part 1)
In this series I will be analysing a crime stealer from basics to more advanced concepts in malware analysis. Get a cup of tea and watch me slowly analyse malware :-)
No sample (Sorry!)
Sample:
- Build: June Build 1.1.6 (I think - the latest)
0:00:00 - Introduction
0:01:19 - Windows Defender malware analysis instructions for beginners
0:01:57 - Malwares ad text and images from forum
0:09:01 - Static Analysis PE Studio
0:12:00 - In IDA free with the packed sample
0:21:00 - In x32dbg with the packed sample
0:31:18 - Modifying binary sample for unpacked executable
0:34:11 - Unpacked sample in IDA
0:37:16 - Identifying an interesting function
0:41:25 - String analysis in unpacked sample
0:46:43 - Back in IDA to the interesting function
0:50:47 - Unpacked sample in x32dbg analysis
0:55:30 - Stack string identification in IDA
1:00:00 - Mutex analysis in x32dbg
1:03:30 - Process tokens analysis in x32dbg
1:10:00 - Debugger flow manipulation (Z flag modification)
1:14:09 - Next time
Further research from Cyber Ark: https://www.cyberark.com/resources/threat-research-blog/raccoon-the-story-of-a-typical-infostealer
Trend Micro research: https://blog.trendmicro.com/trendlabs-security-intelligence/raccoon-stealers-abuse-of-google-cloud-services-and-multiple-delivery-techniques/
Видео Malware Analysis: Stealer - Mutex Check, Stackstrings, IDA (Part 1) канала L!NK
No sample (Sorry!)
Sample:
- Build: June Build 1.1.6 (I think - the latest)
0:00:00 - Introduction
0:01:19 - Windows Defender malware analysis instructions for beginners
0:01:57 - Malwares ad text and images from forum
0:09:01 - Static Analysis PE Studio
0:12:00 - In IDA free with the packed sample
0:21:00 - In x32dbg with the packed sample
0:31:18 - Modifying binary sample for unpacked executable
0:34:11 - Unpacked sample in IDA
0:37:16 - Identifying an interesting function
0:41:25 - String analysis in unpacked sample
0:46:43 - Back in IDA to the interesting function
0:50:47 - Unpacked sample in x32dbg analysis
0:55:30 - Stack string identification in IDA
1:00:00 - Mutex analysis in x32dbg
1:03:30 - Process tokens analysis in x32dbg
1:10:00 - Debugger flow manipulation (Z flag modification)
1:14:09 - Next time
Further research from Cyber Ark: https://www.cyberark.com/resources/threat-research-blog/raccoon-the-story-of-a-typical-infostealer
Trend Micro research: https://blog.trendmicro.com/trendlabs-security-intelligence/raccoon-stealers-abuse-of-google-cloud-services-and-multiple-delivery-techniques/
Видео Malware Analysis: Stealer - Mutex Check, Stackstrings, IDA (Part 1) канала L!NK
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
Wireshark - Malware traffic Analysis
Fileless Malware Demystified
Reverse Engineering Smoke Loader: RC4, Anti-Analysis, Anti-VM
The Mystery Flaw of Solar Panels
Practical Malware Analysis Essentials for Incident Responders
Splunk for Security Investigation: Endpoint Advanced Malware Analysis
Removing Malware and Adware from your Mac!!!
Extracting Config From Malware - Guide
A day in the life of a malware analyst - Didier Stevens
Threat actors Sideloading - PlugX General Walkthrough
Unpacking Quick Tip: Two Breakpoints to Unpack Hermes Ransomware
IDA Pro Malware Analysis Tips
r2con2019 - Windows Malware Analysis with r2 for Beginner
Best Malware Analysis Tools | Learn Malware Analysis
Reverse Engineering Malware - String Obfuscation
Farming Binaries - Obfuscating through inline assembly and more
Adylkuzz CryptoMiner - A quick behavioural analysis
Ransomware Analysis: 1 - WannaCry
Overcome Self-Defending Malware - Tools, Techniques and Lab Setup
Unpacking Bokbot / IcedID Malware - Part 1