Загрузка страницы
Все видеоНовые видеоПопулярные видеоКатегории видео

Macro analysis on an Emotet dropper (office document) from 01/17/2020

This video focuses on analyzing the macro code from a recent Emotet dropper (i.e. office document). I'll use oledump to analyze the code and perform quick, yet detailed, analysis of how they operate. By the end of this video you will understand how to identify the macro code, perform analysis and extract additional indicators of compromise (IOCs).

Sample MD5: 29b48523e390bf2393796049d7042461

You can find the sample at the following GitHub: https://github.com/jstrosch/malware-samples/blob/master/maldocs/emotet/2020/January/29b48523e390bf2393796049d7042461

And the associated PCAP: https://github.com/jstrosch/malware-samples/blob/master/maldocs/emotet/2020/January/29b48523e390bf2393796049d7042461.pcap

Видео Macro analysis on an Emotet dropper (office document) from 01/17/2020 канала Josh Stroschein
Показать
Комментарии отсутствуют
Введите заголовок:

Введите адрес ссылки:

Введите адрес видео с YouTube:

Зарегистрируйтесь или войдите с
Информация о видео
18 января 2020 г. 0:31:38
00:18:47
Josh Stroschein
Теги
Правообладателям
Жалоба
Комментарии
Другие видео канала
Reversing Malicious Office Document (Macro) Emotet(?)Reversing Malicious Office Document (Macro) Emotet(?)Extract Shellcode from Fileless Malware like a ProExtract Shellcode from Fileless Malware like a ProEmotet is DeadEmotet is DeadAdvanced VBA Macros Attack & DefenceAdvanced VBA Macros Attack & DefencePractical Malware Analysis Essentials for Incident RespondersPractical Malware Analysis Essentials for Incident RespondersAPAC Webinar: Anatomy of An Attack: Emotet, Trickbot, Ryuk RansomwareAPAC Webinar: Anatomy of An Attack: Emotet, Trickbot, Ryuk RansomwareMalware Triage Analyzing PrnLoader Used To Drop EmotetMalware Triage Analyzing PrnLoader Used To Drop Emotet"This is not wide spread knowledge" Jordan Peterson on Soviet History"This is not wide spread knowledge" Jordan Peterson on Soviet HistoryBreaking The Kill Chain: A Defensive ApproachBreaking The Kill Chain: A Defensive ApproachGetting Started with Ghidra: Analyzing Process Hollowing Shellcode from a MaldocGetting Started with Ghidra: Analyzing Process Hollowing Shellcode from a MaldocKali Linux 2020 - Backdoor & dropper (quickly and easily)Kali Linux 2020 - Backdoor & dropper (quickly and easily)Live Stream - Finding Emotet's ConfigLive Stream - Finding Emotet's ConfigWill Quantum Computers break encryption?Will Quantum Computers break encryption?Analysing Obfuscated VBA - Extracting indicators from a Trickbot downloaderAnalysing Obfuscated VBA - Extracting indicators from a Trickbot downloaderExploring Emotet, An Elaborate Everyday Enigma - Luca NagyExploring Emotet, An Elaborate Everyday Enigma - Luca NagyDer König der Schadsoftware - Emotet - ist tot! 😵 BEHIND THE HACK #1: Was war Emotet?Der König der Schadsoftware - Emotet - ist tot! 😵 BEHIND THE HACK #1: Was war Emotet?Reversing Data Structures with Ghidra: StructuresReversing Data Structures with Ghidra: StructuresEmotet - The Evolution of MalwareEmotet - The Evolution of MalwareAnalyzing Malicious Office Documents Presented By Didier Stevens WorkshopAnalyzing Malicious Office Documents Presented By Didier Stevens WorkshopReverse Engineering with Ghidra: Calling ConventionsReverse Engineering with Ghidra: Calling Conventions
Статистика портала
Яндекс.Метрика
© 2008-2024 «Информационно-развлекательный портал города Верхняя Салда»
| Карта портала | Реклама | Контакты | Сообщить об ошибке | Соглашения
salda.ws salda.ws@mail.ru
Сейчас на сайте: 512 Статистика портала