
Was it Really North Korea? Tools and Techniques to Attribute Malware Campaigns to Nation States

This video showcases some tools and techniques used to attribute #malware campaigns to specific Nation State APT Threat Groups. Moreover, I explain in detail the Rich Header, which you can find in most Windows executables, how it can be used to fingerprint malware, and how it's used to false-flag other threat actors.

We talk about the infamous Bangladesh Bank Heist and how this is attributed to #Lazarus and how Russia false-flagged the #OlympicDestroyer malware to look like it came from North Korea.

Below you can find my supporting doc on this topic where you can follow along with my analysis and research. If you want early access to these, please check out my Patreon.
https://docs.google.com/document/d/10IP7_9wW3vmKnH9mHQ_P3Fuf5Cpba2lZcJHt-DeLp5U/

👉 Video Sponsor 👈
=================
Please check out 🔥Intezer 🔥 - the Sponsor of this video - where you can analyse 50 files free per month on their awesome platform:
https://bit.ly/3F6Ffv6

👀 Find out more about how I use Intezer to find related malware samples at 18:00

⏩ Like, Subscribe, Support!
Many thanks for all your continued support here on YouTube, Twitter and Patreon - you can find all the links to find me here:

👉 https://twitter.com/cybercdh
👉 https://patreon.com/cybercdh

I'd appreciate if you hit the thumbs up to LIKE this video, and it would be awesome if you Subscribed for more content, it really does help support the channel.

🚨 Malware Referenced in this Video 🚨
===============================
Bangladesh

Sony Pictures

Kaspersky's South Asian Bank Investigation

Olympic Destroyer

Thank you all,

✌️
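As an added example (not from the video or its supporting doc), this sketch shows the Rich Header fingerprinting idea from the description: it decodes the XOR-masked header, hashes the decoded entries as a toolchain fingerprint, and recomputes the checksum that serves as the XOR key. The layout and checksum follow public reverse-engineering descriptions of this undocumented structure; `fingerprint`, `build_sample` and all sample values are constructed for illustration.

```python
import hashlib
import struct
DANS = 0x536E6144  # b"DanS" read as a little-endian dword

def rol32(v, n):
    n &= 31
    return ((v << n) | (v >> (32 - n))) & 0xFFFFFFFF

def parse_rich_header(data):
    """Return (start, xor_key, [(prod_id, build, count), ...]) or None."""
    end = data.find(b"Rich")
    if end < 0 or end + 8 > len(data):
        return None
    key = struct.unpack_from("<I", data, end + 4)[0]
    start = end - 4  # walk back until the XOR-decoded "DanS" marker appears
    while start >= 0 and struct.unpack_from("<I", data, start)[0] ^ key != DANS:
        start -= 4
    if start < 0:
        return None
    entries = []
    for off in range(start + 16, end, 8):  # skip DanS + three padding dwords
        comp_id, count = (x ^ key for x in struct.unpack_from("<II", data, off))
        entries.append((comp_id >> 16, comp_id & 0xFFFF, count))
    return start, key, entries

def rich_checksum(data, start, entries):
    csum = start  # recomputes the value the linker stores as the XOR key
    for i in range(start):
        if not 0x3C <= i < 0x40:  # e_lfanew counts as zero
            csum += rol32(data[i], i)
    for prod, build, count in entries:
        csum += rol32(prod << 16 | build, count)
    return csum & 0xFFFFFFFF

def fingerprint(entries):
    """Hash of the decoded entries, so it does not depend on the XOR key."""
    return hashlib.sha256(repr(entries).encode()).hexdigest()

def build_sample(entries, stub=b"MZ" + bytes(0x7E)):
    """Constructed input: 0x80-byte DOS area followed by a Rich header."""
    key = rich_checksum(stub, len(stub), entries)
    words = [DANS, 0, 0, 0] + [w for p, b, c in entries for w in (p << 16 | b, c)]
    body = b"".join(struct.pack("<I", w ^ key) for w in words)
    return stub + body + b"Rich" + struct.pack("<I", key)

ENTRIES = [(0x0104, 30729, 12), (0x0105, 30729, 3), (0x00FF, 0, 1)]  # constructed
GENUINE = build_sample(ENTRIES)
# The same Rich header behind a different DOS stub, as after a copy from another file.
TRANSPLANTED = b"MZ" + b"\x90" * 0x7E + GENUINE[0x80:]
```

Both samples yield the same fingerprint, but only `GENUINE` has a stored key equal to `rich_checksum(...)`; a matching fingerprint with a mismatched checksum is a reason to treat the header as evidence of tampering rather than of shared tooling.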

Video "Was it Really North Korea? Tools and Techniques to Attribute Malware Campaigns to Nation States" from the channel cybercdh
Video information
23 November 2021, 19:33:23
00:23:41