all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Malware Theory - Five Unpacking Methods and Generic Unpacking Approach

Add to bookmarks
March 16, 2024, 11:22 a.m. | MalwareAnalysisForHedgehogs

MalwareAnalysisForHedgehogs www.youtube.com

An overview to unpacking methods, when to apply them and what generic approach to use for unpacking malware.

Malware Course: https://www.udemy.com/course/windows-malware-analysis-for-hedgehogs-beginner-training/?couponCode=9E0FEBA1085CD0AB8036
Follow me on Twitter: https://twitter.com/struppigel

infographics: https://struppigel.github.io/WisdomForHedgehogs/Execution%20Environments/Infographics/

Additional resources:

- Packer identification: https://www.youtube.com/watch?v=ozyBOXpKm1I&t
- Virtualization based obfuscation: https://www.youtube.com/watch?v=b6udPT79itk
- Skim for obvious XOR encryption: https://www.youtube.com/watch?v=xzxg0Jxnv0E
- Run and Dump with PE-Sieve: https://www.youtube.com/watch?v=fwo4XE2xgis
- Debugging and Breakpoints - Agniane Stealer: https://www.youtube.com/watch?v=-KJ0HIvmVl0
- Memory Mapping: https://www.youtube.com/watch?v=cc1tX1t_bLg
- Dumpulator: https://www.youtube.com/watch?v=4Pfu98Xx9Yo
- Self-Extracting Patch: https://youtu.be/DjaptW9gL8E?si=wP0QVqW2S_WsVjiK&t=1865

Tools:

mal_unpack: https://github.com/hasherezade/mal_unpack/releases
binary refinery: https://github.com/binref/refinery
CyberChef: https://gchq.github.io/CyberChef/ …

breakpoints debugger emulation encryption identification malware resources run theory tools unpacking

Visit resource

More from www.youtube.com / MalwareAnalysisForHedgehogs

Triaging Files on VirusTotal 1 week ago | www.youtube.com
can depth files find +11
Malware Analysis - JS to PowerShell to XWorm with Binary Refinery 3 weeks, 6 days ago | www.youtube.com
analysis atom binary configuration +19
Malware Theory - Five Unpacking Methods and Generic Unpacking Approach 1 month, 1 week ago | www.youtube.com
breakpoints debugger emulation encryption +7
Binary Ninja - Fix unresolved stack pointer 2 months ago | www.youtube.com
binary binary ninja fix function +1
Malware Analysis - Unpacking AutoIt stub with large obfuscated script 3 months ago | www.youtube.com
analysis autoit decrypt decryption +14
Malware Analysis - C2 extractor for Turla's Kopiluwak using Binary Refinery 3 months, 1 week ago | www.youtube.com
analysis apt beginners binary +16
Malware Analysis - 3 ways to deobfuscate JScript and JavaScript malware 4 months ago | www.youtube.com
analysis code cons current +18
Malware Analysis - .NETReactor deobfuscation and configuration extraction of AgentTesla 5 months, 2 weeks ago | www.youtube.com
agenttesla analysis box configuration +10
Malware Analysis - ZPAQ to .NET downloader to Injector DLL unpacking 5 months, 3 weeks ago | www.youtube.com
analysis archive binary deal +15

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Associate Principal Security Engineer

@ Activision Blizzard | Work from Home - CA
View on infosec-jobs.com

Security Engineer- Systems Integration

@ Meta | Bellevue, WA | Menlo Park, CA | New York City
View on infosec-jobs.com

Lead Security Engineer (Digital Forensic and IR Analyst)

@ Blue Yonder | Hyderabad
View on infosec-jobs.com

Senior Principal IAM Engineering Program Manager Cybersecurity

@ Providence | Redmond, WA, United States
View on infosec-jobs.com

Information Security Analyst II or III

@ Entergy | The Woodlands, Texas, United States
View on infosec-jobs.com
View more jobs