all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

OneNote Malware Trends - OneNote Leads to AgentTesla

Add to bookmarks
March 23, 2023, 5 p.m. | Dr Josh Stroschein

Dr Josh Stroschein www.youtube.com

In this video, we'll continue to track Onenote malware trends by looking into a document that leads to AgentTesla. Analysis will be very similar to the previous videos - we'll use Onedump to grab the script and investigate a couple of straight-forward stages of Powershell.

SHA256: 9cf84c2868f691d955048d761e223fbac99021676c31effb3bee711f24569323

00:00 Introduction
00:28 Too Long; Didn't Watch (TLDW)
01:21 Sample Info and Getting Started
02:46 Analyzing the Next Stage Script (Embedded EXE)
03:32 Tips for Analyzing Large Base64 Blogs
04:49 Moving to CyberChef …

agenttesla analysis continue document embedded forward grab info introduction malware onenote powershell script sha256 stage tips trends video videos watch

Visit resource

More from www.youtube.com / Dr Josh Stroschein

🔴 Malware Mondays Episode 02 - Investigating Processes with Process Explorer and System Informer 7 hours ago | www.youtube.com
basics explorer focus information +9
Malware Mondays?!? Learn more 2 days, 22 hours ago | www.youtube.com
learn malware
Malware Mondays Episode 01 - Identifying Malicious Activity in Process Monitor (ProcMon) Data 2 weeks ago | www.youtube.com
artifact data goal learn +11
MM#01 - How to Capture Malicious Activity with Process Monitor! Using ProcMon with Amadey Malware 3 weeks, 4 days ago | www.youtube.com
amadey artifacts capture data +11
Malware Mondays Episode 01 - Identifying Malicious Activity in Process Monitor (ProcMon) Data 3 weeks, 4 days ago | www.youtube.com
artifact data goal learn +11
Why Do You Need to Know Assembly to Use IDAPro or Ghidra? Exploring disassembly and … 4 weeks ago | www.youtube.com
assembly disassembly effectively ghidra +9
Ease Shellcode Analysis with SCLauncher! Learn how-to wrap shellcode into a PE file 1 month ago | www.youtube.com
analysis debugging development easy +18
Customizing FakeNet-NG for Malicious Document Analysis! How to modify the web root 1 month, 1 week ago | www.youtube.com
analysis can default dive +16
Building a VM for Reverse Engineering and Malware Analysis! Installing the FLARE-VM 1 month, 3 weeks ago | www.youtube.com
analysis building docs engineering +15

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Security Solution Architect

@ Civica | London, England, United Kingdom
View on infosec-jobs.com

Information Security Officer (80-100%)

@ SIX Group | Zurich, CH
View on infosec-jobs.com

Cloud Information Systems Security Engineer

@ Analytic Solutions Group | Chantilly, Virginia, United States
View on infosec-jobs.com

SRE Engineer & Security Software Administrator

@ Talan | Mexico City, Spain
View on infosec-jobs.com
View more jobs