all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Detecting Nullmixer with Yara - Crafting a Custom Rule

Add to bookmarks
Feb. 23, 2023, 3 p.m. | Dr Josh Stroschein

Dr Josh Stroschein www.youtube.com

Crafting custom Yara rules is a key capability for anyone working in cyber security. In this video, the final part of the Nullmixer Technical Analysis series, we'll look into detecting Nullmixer with Yara and use tools like IDA Pro and Strings to identify strings, understand their context and use them to create a Yara rule of the unpacked binary. We'll also discuss testing methods and caveats with this rule.

00:00 Introduction
01:08 Using IDA To Find String Context
03:59 Using …

analysis binary context cyber cyber security discuss ida ida pro identify introduction key pro rules security series strings technical technical analysis testing tools understand video working yara yara rules

Visit resource

More from www.youtube.com / Dr Josh Stroschein

🔴 Malware Mondays Episode 02 - Investigating Processes with Process Explorer and System Informer 20 hours ago | www.youtube.com
basics episode explorer focus +10
MM#02 - Uncover Program Behavior! Build a Sample Program to Investigate w/ Process Explorer | … 5 days, 9 hours ago | www.youtube.com
basics build episode explorer +12
Malware Mondays?!? Learn more 1 week, 4 days ago | www.youtube.com
learn malware
Malware Mondays Episode 01 - Identifying Malicious Activity in Process Monitor (ProcMon) Data 3 weeks, 1 day ago | www.youtube.com
artifact data goal learn +11
MM#01 - How to Capture Malicious Activity with Process Monitor! Using ProcMon with Amadey Malware 1 month ago | www.youtube.com
amadey artifacts capture data +11
Malware Mondays Episode 01 - Identifying Malicious Activity in Process Monitor (ProcMon) Data 1 month ago | www.youtube.com
artifact data goal learn +11
Why Do You Need to Know Assembly to Use IDAPro or Ghidra? Exploring disassembly and … 1 month ago | www.youtube.com
assembly disassembly effectively ghidra +9
Ease Shellcode Analysis with SCLauncher! Learn how-to wrap shellcode into a PE file 1 month, 1 week ago | www.youtube.com
analysis debugging development easy +18
Customizing FakeNet-NG for Malicious Document Analysis! How to modify the web root 1 month, 2 weeks ago | www.youtube.com
analysis can default dive +16

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Application Security Engineer - Enterprise Engineering

@ Meta | Bellevue, WA | Seattle, WA | New York City | Fremont, CA
View on infosec-jobs.com

Security Engineer

@ Retool | San Francisco, CA
View on infosec-jobs.com

Senior Product Security Analyst

@ Boeing | USA - Seattle, WA
View on infosec-jobs.com

Junior Governance, Risk and Compliance (GRC) and Operations Support Analyst

@ McKenzie Intelligence Services | United Kingdom - Remote
View on infosec-jobs.com

GRC Integrity Program Manager

@ Meta | Bellevue, WA | Menlo Park, CA | Washington, DC | New York City
View on infosec-jobs.com
View more jobs