SUNBURST SolarWinds Malware Analysis - Tools, Tactics and Malware Reverse Engineering
SUNBURST SolarWinds Malware Analysis - Tools, Tactics and Malware Reverse Engineering
Here we take a look inside so of the most complex, elegant, well-crafted malware I've seen, known as SUNBURST and responsible for the global SolarWinds compromise. This code is a malicious DLL, loaded by the parent platform and blends in exceptionally well to the whole code-ecosystem.
This Video starts with a little Podcast on the SolarWinds Compromise and then we discuss the Attack Chain and We start by using DNSpy to decompile the .NET code, giving us access to the source code and perform complete Reverse Engineering and full code analysis
We cover FNV-1 hashing (something I'd never heard of!) and also variances of the Base64 encoding routine which the bad guys are using the mask their malicious code.
Special thanks to FireEye, their research on this malware is exceptional.
To watch the Episode checkout this link : https://youtu.be/Sd2ID3XMU4s
#sunburst #solarwinds #malwareanalysis
LINKS
=====
https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html
https://github.com/fireeye/sunburst_countermeasures
https://www.volexity.com/blog/2020/12/14/dark-halo-leverages-solarwinds-compromise-to-breach-organizations/
https://us-cert.cisa.gov/ncas/alerts/aa20-352a
github.com/ITAYC0HEN/SUNBURST-Cracked/blob/main/OrionImprovementBusinessLayer_modified.cs
https://mp.weixin.qq.com/s/UqXC1vovKUu97569LkYm2Q
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/additional-analysis-into-the-sunburst-backdoor/
TOOLS
======
dnSpy - https://github.com/dnSpy/dnSpy
De4Dot - https://github.com/de4dot/de4dot
THANKS
=======
If you LIKED this video, please hit the THUMBS UP and please SUBSCRIBE!
Many thanks for watching
Cheers
Видео SUNBURST SolarWinds Malware Analysis - Tools, Tactics and Malware Reverse Engineering канала INTEL ARCHIVES
Here we take a look inside so of the most complex, elegant, well-crafted malware I've seen, known as SUNBURST and responsible for the global SolarWinds compromise. This code is a malicious DLL, loaded by the parent platform and blends in exceptionally well to the whole code-ecosystem.
This Video starts with a little Podcast on the SolarWinds Compromise and then we discuss the Attack Chain and We start by using DNSpy to decompile the .NET code, giving us access to the source code and perform complete Reverse Engineering and full code analysis
We cover FNV-1 hashing (something I'd never heard of!) and also variances of the Base64 encoding routine which the bad guys are using the mask their malicious code.
Special thanks to FireEye, their research on this malware is exceptional.
To watch the Episode checkout this link : https://youtu.be/Sd2ID3XMU4s
#sunburst #solarwinds #malwareanalysis
LINKS
=====
https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html
https://github.com/fireeye/sunburst_countermeasures
https://www.volexity.com/blog/2020/12/14/dark-halo-leverages-solarwinds-compromise-to-breach-organizations/
https://us-cert.cisa.gov/ncas/alerts/aa20-352a
github.com/ITAYC0HEN/SUNBURST-Cracked/blob/main/OrionImprovementBusinessLayer_modified.cs
https://mp.weixin.qq.com/s/UqXC1vovKUu97569LkYm2Q
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/additional-analysis-into-the-sunburst-backdoor/
TOOLS
======
dnSpy - https://github.com/dnSpy/dnSpy
De4Dot - https://github.com/de4dot/de4dot
THANKS
=======
If you LIKED this video, please hit the THUMBS UP and please SUBSCRIBE!
Many thanks for watching
Cheers
Видео SUNBURST SolarWinds Malware Analysis - Tools, Tactics and Malware Reverse Engineering канала INTEL ARCHIVES
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
SUNBURST SolarWinds Malware - Tools, Tactics and Methods to get you started with Reverse Engineering
How the SolarWinds Hack Could Change Data Security Forever
The SolarWinds Hack Explained | Cybersecurity Advice
The threats arising from the massive SolarWinds hack
Mozi Malware - Finding Breadcrumbs...
FAKE Antivirus? Malware Analysis of Decoy 'kaspersky.exe'
Langner's Stuxnet Deep Dive
What is SolarWinds Hack? Massive cyberattacks in USA explained - Is Russia involved in it? #UPSC
Identify C2C malware in the face of threats like SolarWinds Orion attack | SISA Webinar
The SolarWinds Hack And The Future Of Cyber Espionage
Analyzing Ransomware - Reversing Basic .NET Ransomware
Universities Are Getting Destroyed By Ransomware
Shawn Thomas - An Introduction To Malware Analysis video - DEF CON 27 Blue Team Village
SolarWinds Attack End-to-End Demo
lofi hip hop radio - beats to relax/study to
How to Present Cyber Security Risk to Senior Leadership | SANS Webcast
Practical Malware Analysis Essentials for Incident Responders
MALWARE ANALYSIS - VBScript Decoding & Deobfuscating
Reversing WannaCry Part 1 - Finding the killswitch and unpacking the malware in #Ghidra
Analyzing Ransomware - Completing a FULL Analysis