Unpacking GlobeImposter Ransomware With x32dbg
Open Analysis Live! In this tutorial we unpack a new version of GlobeImposter ransomeware using the X32bg / X64dbg debugger.
-----
OALABS DISCORD
https://discord.gg/6h5Bh5AMDU
OALABS PATREON
https://www.patreon.com/oalabs
OALABS TIP JAR
https://ko-fi.com/oalabs
OALABS GITHUB
https://github.com/OALabs
UNPACME - AUTOMATED MALWARE UNPACKING
https://www.unpac.me/#/
-----
Original packed sample:
https://malshare.com/sample.php?action=detail&hash=612974dcb49adef982d9ad8d9cbdde36
Malware Traffic Analysis sample:
http://www.malware-traffic-analysis.net/2017/11/30/index.html
The x64bdg debugger:
https://x64dbg.com/#start
The unpacked sample:
https://malshare.com/sample.php?action=detail&hash=5a5e32203cf8eee1b7e9125b1c97ed94
OAPivot the chrome plugin for IOC searching:
https://chrome.google.com/webstore/detail/oapivot/nenjokibennmmllmdbifnmmgipppnfbm
Great blog on unpacking an earlier version of GlobeImposter:
http://www.vkremez.com/2017/08/lets-learn-how-to-unpack-globeimposter.html
Video explaining some anti-debugging tricks:
https://youtu.be/WlE8abc8V-4
Anti-debugging cheat sheet (PDF):
http://anti-reversing.com/Downloads/Anti-Reversing/The_Ultimate_Anti-Reversing_Reference.pdf
*Special hat-tip to Alex for recommending x64dbg and showing me some tricks: https://twitter.com/nullandnull
Feedback, questions, and suggestions are always welcome : )
Sergei https://twitter.com/herrcore
Sean https://twitter.com/seanmw
As always check out our tools, tutorials, and more content over at http://www.openanalysis.net
Видео Unpacking GlobeImposter Ransomware With x32dbg канала OALabs
-----
OALABS DISCORD
https://discord.gg/6h5Bh5AMDU
OALABS PATREON
https://www.patreon.com/oalabs
OALABS TIP JAR
https://ko-fi.com/oalabs
OALABS GITHUB
https://github.com/OALabs
UNPACME - AUTOMATED MALWARE UNPACKING
https://www.unpac.me/#/
-----
Original packed sample:
https://malshare.com/sample.php?action=detail&hash=612974dcb49adef982d9ad8d9cbdde36
Malware Traffic Analysis sample:
http://www.malware-traffic-analysis.net/2017/11/30/index.html
The x64bdg debugger:
https://x64dbg.com/#start
The unpacked sample:
https://malshare.com/sample.php?action=detail&hash=5a5e32203cf8eee1b7e9125b1c97ed94
OAPivot the chrome plugin for IOC searching:
https://chrome.google.com/webstore/detail/oapivot/nenjokibennmmllmdbifnmmgipppnfbm
Great blog on unpacking an earlier version of GlobeImposter:
http://www.vkremez.com/2017/08/lets-learn-how-to-unpack-globeimposter.html
Video explaining some anti-debugging tricks:
https://youtu.be/WlE8abc8V-4
Anti-debugging cheat sheet (PDF):
http://anti-reversing.com/Downloads/Anti-Reversing/The_Ultimate_Anti-Reversing_Reference.pdf
*Special hat-tip to Alex for recommending x64dbg and showing me some tricks: https://twitter.com/nullandnull
Feedback, questions, and suggestions are always welcome : )
Sergei https://twitter.com/herrcore
Sean https://twitter.com/seanmw
As always check out our tools, tutorials, and more content over at http://www.openanalysis.net
Видео Unpacking GlobeImposter Ransomware With x32dbg канала OALabs
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
Unpacking Emotet / Geodo (Stage 1) Using x64dbg - Subscriber Request
Shade | Terrible Ransomware from Russia
Analyze JavaScript and VBScript Malware With x64dbg Debugger and API Hooking
Google CTF: Beginner Quest: FLOPPY2 (Debugging DOS Programs)
How To Defeat Anti-VM and Anti-Debug Packers With IDA Pro
CYBERWARCON 2019 - The Secret Life of Sandworms
Unpacking UPX Malware
UnpacMe Automated Malware Unpacking - How We Built It and Why
Unpacking Gootkit Malware With IDA Pro and X64dbg - Subscriber Request
How to crack Bigasoft Total Video Converter and remove the trial limitations using x64dbg
Reverse Engineering x32dbg/olly "that doesnt work in the real world..."
COMMENT CRACKER (quasiment) N'INPORTE QUEL LOGICIEL !!! |2019|
Blackmatter Ransomware - Livestream Lunch and Learn: Reverse Engineering and Binary Attribution
#8 How to Manually Unpack Malware
Unpacking and Extracting TrickBot Malware Configuration With x64dbg and Python
How To Use x64dbg for Beginners
WinDbg Basics for Malware Analysis
#7 Intro to Analysing Malware Using x32dbg
Fast Malware Unpacking With CryptDecrypt and RtlDecompressBuffer