SUPERNOVA - Everything you need to know to Reverse Engineer an APT WebShell
In this video I discuss the #SUPERNOVA webshell #malware, found as part of the recent #SolarWinds Orion platform compromise. The malware itself is not that interesting, however I show you the tools and setup you need to analyse the sample and also show you two great resources to download malware from the 'wild'. And of course, we talk about the malware itself.
SHORTCUTS
==========
00:00 - Introduction
00:47 - Where to Find Malware Samples
03:27 - Malware Lab Environment
07:16 - Key Tools for .NET Analysis
09:16 - SUPERNOVA Analysis
14:24 - Summary
TOOLS
=====
https://github.com/dnSpy/dnSpy
https://www.winitor.com
SAMPLE
=======
SHA256 c15abaf51e78ca56c0376522d699c978217bf041a3bd3c71d09193efa5717c71
https://app.any.run/tasks/bc5ab624-c07c-4277-aca9-f1edcad9a240/
FOLLOW
======
You can join in the conversation by following me at https://twitter.com/cybercdh
THANKS
=======
If you LIKED this video, please hit the THUMBS UP. If you LOVED it, please SUBSCRIBE!
Many thanks for watching, it means a lot. Peace out.
@cybercdh
#sunburst #solarwinds
Видео SUPERNOVA - Everything you need to know to Reverse Engineer an APT WebShell канала Colin Hardy
SHORTCUTS
==========
00:00 - Introduction
00:47 - Where to Find Malware Samples
03:27 - Malware Lab Environment
07:16 - Key Tools for .NET Analysis
09:16 - SUPERNOVA Analysis
14:24 - Summary
TOOLS
=====
https://github.com/dnSpy/dnSpy
https://www.winitor.com
SAMPLE
=======
SHA256 c15abaf51e78ca56c0376522d699c978217bf041a3bd3c71d09193efa5717c71
https://app.any.run/tasks/bc5ab624-c07c-4277-aca9-f1edcad9a240/
FOLLOW
======
You can join in the conversation by following me at https://twitter.com/cybercdh
THANKS
=======
If you LIKED this video, please hit the THUMBS UP. If you LOVED it, please SUBSCRIBE!
Many thanks for watching, it means a lot. Peace out.
@cybercdh
#sunburst #solarwinds
Видео SUPERNOVA - Everything you need to know to Reverse Engineer an APT WebShell канала Colin Hardy
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
SUNBURST SolarWinds Malware - Tools, Tactics and Methods to get you started with Reverse Engineering
How the SolarWinds Hack Could Change Data Security Forever
Zyxel Backdoor & A Known Plaintext Attack
Everything You Need To Know About SolarWinds Attack
Coding Expectations for Malware & Pentesting
This equation will change how you see the world (the logistic map)
COVID19 Malware - Getting Closer to the Bad Guys
Live Stream - Finding Emotet's Config
When Will the Next Naked-eye Supernova Event Happen?
Analysing Obfuscated VBA - Extracting indicators from a Trickbot downloader
SolarWinds: What It Means & What’s Next
Crack The BAT - Identifying Compression, Packers & Googling for IOCs
Why The Speed Of Light* Can't Be Measured
The Bizarre Behavior of Rotating Bodies, Explained
WannaCry 2.0 Ransomware
Overcome Self-Defending Malware - Tools, Techniques and Lab Setup
SUNBURST SolarWinds Malware Analysis - Tools, Tactics and Malware Reverse Engineering
The SolarWinds Breach & Code Signing
The Massive SolarWinds Hack Explained in Context