CyberChef Recipe to Loop Over Values to Modify and Decode | allinfosecnews.com

March 31, 2023, 5 p.m. | Dr Josh Stroschein

Dr Josh Stroschein www.youtube.com

It's common during malware analysis to find lists, or arrays, of data that you need to decode. However, the data first needs to be manipulated before it can be decoded. In this video, we'll look at a CyberChef recipe to help you do just that. We'll use a recent HTA file used to download SnakeKeylogger that hides a Powershell script in an array of numeric values. To decode this array, an arbitrary value must first be subtracted, this is where …

analysis array cyberchef data download find fork hta lists loop malware malware analysis powershell powershell script recipe script value video

More from www.youtube.com / Dr Josh Stroschein

🔴 Malware Mondays Episode 02 - Investigating Processes with Process Explorer and System Informer 5 days, 9 hours ago | www.youtube.com

basics episode explorer focus +10

MM#02 - Uncover Program Behavior! Build a Sample Program to Investigate w/ Process Explorer | … 1 week, 2 days ago | www.youtube.com

basics build episode explorer +12

Malware Mondays?!? Learn more 2 weeks, 1 day ago | www.youtube.com

Malware Mondays Episode 01 - Identifying Malicious Activity in Process Monitor (ProcMon) Data 3 weeks, 6 days ago | www.youtube.com

artifact data goal learn +11

MM#01 - How to Capture Malicious Activity with Process Monitor! Using ProcMon with Amadey Malware 1 month ago | www.youtube.com

amadey artifacts capture data +11

Malware Mondays Episode 01 - Identifying Malicious Activity in Process Monitor (ProcMon) Data 1 month, 1 week ago | www.youtube.com

artifact data goal learn +11

Why Do You Need to Know Assembly to Use IDAPro or Ghidra? Exploring disassembly and … 1 month, 1 week ago | www.youtube.com

assembly disassembly effectively ghidra +9

Ease Shellcode Analysis with SCLauncher! Learn how-to wrap shellcode into a PE file 1 month, 2 weeks ago | www.youtube.com

analysis debugging development easy +18

Customizing FakeNet-NG for Malicious Document Analysis! How to modify the web root 1 month, 3 weeks ago | www.youtube.com

analysis can default dive +16

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote

View on infosec-jobs.com

Principal Business Value Consultant

@ Palo Alto Networks | Chicago, IL, United States

View on infosec-jobs.com

Cybersecurity Specialist, Sr. (Container Hardening)

@ Rackner | San Antonio, TX

View on infosec-jobs.com

Penetration Testing Engineer- Remote United States

@ Stanley Black & Decker | Towson MD USA - 701 E Joppa Rd Bg 700

View on infosec-jobs.com

Internal Audit- Compliance & Legal Audit-Dallas-Associate

@ Goldman Sachs | Dallas, Texas, United States

View on infosec-jobs.com

Threat Responder

@ Deepwatch | Remote

View on infosec-jobs.com