Malware Analysis - Hybrid Analysis for Malware Assessment

Автор: MalwareAnalysisForHedgehogs

Загружено: 2022-07-30

Просмотров: 7744

Описание: Automatic sandbox systems like Hybrid-Analysis are a great way to speed up malware analysis. We find a file flagged as keylogger that has almost no antivirus detections.

Report: https://www.hybrid-analysis.com/sampl...

Malware analysis courses: https://malwareanalysis-for-hedgehogs...
Buy me a coffee: https://ko-fi.com/struppigel
Follow me on Twitter: / struppigel

00:00 Introduction
00:17 What is Hybrid Analysis, hunting undetected malware
04:28 Sample flagged as keylogger, things I look at first
05:45 File Details: Hashes explained
09:47 File Details: compiler, version info, icon, PortEx visualization
14:40 File Sections
14:58 File Imports: when is ImpHash useless
15:23 Screenshots: conclusions related to risk assessment
17:00 Processes, API calls, was there process injection
19:17 Network Analysis
19:32 Why was it flagged as keylogger
20:42 Extracted Strings: UAC bypass?
22:04 Dropped Files
25:05 Malicious Indicators
27:05 Suspicious Indicators
33:46 Summary: Is this file malicious? How to proceed with analysis?
35:09 Summary: General tips for malware analysis with sandbox systems

Не удается загрузить Youtube-плеер. Проверьте блокировку Youtube в вашей сети.
Повторяем попытку...

Malware Analysis - Hybrid Analysis for Malware Assessment

Доступные форматы для скачивания:

Скачать видео

Информация по загрузке:

Скачать аудио

Похожие видео

Malware Analysis - Virut, Unpacking a Polymorphic File Infector, Part I

Malware Analysis - Virut, Unpacking a Polymorphic File Infector, Part I

Reversing - Writing an EXE4J Configuration Extractor

Reversing - Writing an EXE4J Configuration Extractor

CyberCamp 2022. Раскладываем атаки по MITRE

CyberCamp 2022. Раскладываем атаки по MITRE

SOC Analyst Training: Analyzing Microsoft Office Files Laced with Malware

SOC Analyst Training: Analyzing Microsoft Office Files Laced with Malware

Malware Theory - How Packers Work, Polymorphism and Misconceptions

Malware Theory - How Packers Work, Polymorphism and Misconceptions

Does Writing Malware Help With Malware Analysis?

Does Writing Malware Help With Malware Analysis?

Introduction to Malware Analysis

Introduction to Malware Analysis

MALWARE ANALYSIS - VBScript Decoding & Deobfuscating

MALWARE ANALYSIS - VBScript Decoding & Deobfuscating

Investigating Malware Using Memory Forensics - A Practical Approach

Investigating Malware Using Memory Forensics - A Practical Approach

Malware Analysis In 5+ Hours - Full Course - Learn Practical Malware Analysis!

Malware Analysis In 5+ Hours - Full Course - Learn Practical Malware Analysis!

Analyzing Windows Malware on Linux: Getting Started Tips and Examples

Analyzing Windows Malware on Linux: Getting Started Tips and Examples

Блокировка Telegram в России началась. Кто победит?

Блокировка Telegram в России началась. Кто победит?

Malware Analysis - Writing x64dbg unpacking scripts

Malware Analysis - Writing x64dbg unpacking scripts

Malware Analysis - Unpacking Alpha Ransomware (Pt. 1)

Malware Analysis - Unpacking Alpha Ransomware (Pt. 1)

Malware Analysis - Unpacking Lumma Stealer from Emmenhtal and Pure Crypter

Malware Analysis - Unpacking Lumma Stealer from Emmenhtal and Pure Crypter

Let's Talk About Shimcache - The Most Misunderstood Artifact

Let's Talk About Shimcache - The Most Misunderstood Artifact

Malware Analysis Part #1: Basic Static Analysis

Malware Analysis Part #1: Basic Static Analysis

Malware Analysis - Java Malware Deobfuscation

Malware Analysis - Java Malware Deobfuscation

Malware Analysis Tools YOU COULD USE

Malware Analysis Tools YOU COULD USE

Finding and Decoding Malicious Powershell Scripts - SANS DFIR Summit 2018

Finding and Decoding Malicious Powershell Scripts - SANS DFIR Summit 2018