SUPERNOVA - Everything you need to know to Reverse Engineer an APT WebShell
In this video I discuss the #SUPERNOVA webshell #malware, found as part of the recent #SolarWinds Orion platform compromise. The malware itself is not that interesting; however, I show you the tools and setup you need to analyse the sample and also show you two great resources to download malware from the 'wild'. And of course, we talk about the malware itself.
SHORTCUTS
==========
00:00 - Introduction
00:47 - Where to Find Malware Samples
03:27 - Malware Lab Environment
07:16 - Key Tools for .NET Analysis
09:16 - SUPERNOVA Analysis
14:24 - Summary
TOOLS
=====
https://github.com/dnSpy/dnSpy
https://www.winitor.com
SAMPLE
=======
SHA256 c15abaf51e78ca56c0376522d699c978217bf041a3bd3c71d09193efa5717c71
https://app.any.run/tasks/bc5ab624-c07c-4277-aca9-f1edcad9a240/
FOLLOW
======
You can join in the conversation by following me at https://twitter.com/cybercdh
THANKS
=======
If you LIKED this video, please hit the THUMBS UP. If you LOVED it, please SUBSCRIBE!
Many thanks for watching, it means a lot. Peace out.
@cybercdh
#sunburst #solarwinds
Video "SUPERNOVA - Everything you need to know to Reverse Engineer an APT WebShell" from the Colin Hardy channel