Malware Analysis - Unpacking AutoIt stub with large obfuscated script
Jan. 27, 2024, 12:13 p.m. | MalwareAnalysisForHedgehogs
MalwareAnalysisForHedgehogs www.youtube.com
First, we trick our way to the payload, skipping the AutoIt script altogether.
On the second pass we thoroughly analyse the packer stub, decrypt its strings, unpack the shellcode and locate the decryption function inside it.
Malware Analysis course: https://www.udemy.com/course/windows-malware-analysis-for-hedgehogs-beginner-training/?couponCode=F880CDBE6684E44EB9F8
sample: https://bazaar.abuse.ch/sample/ee69b74d0f0dd59fcd87304863626efb727ad6255bc29a7d48b7a441390dff1a/
binary refinery: https://github.com/binref/refinery
autoit-ripper: https://github.com/nazywam/AutoIt-Ripper
Follow me on Twitter: https://twitter.com/struppigel
00:00 Intro
00:25 Triage
03:38 Way 1: Unpacking by guessing
10:10 Way 2: …