Unpacking Bokbot / IcedID Malware - Part 1
Author: OALabs
Uploaded: 2018-10-26
Views: 12379
Description:
We demonstrate how to unpack the first two stages of Bokbot / IcedID malware with x64dbg, PE-bear, and IDA Pro. Expand for more...
-----
OALABS DISCORD
/ discord
OALABS PATREON
/ oalabs
OALABS TIP JAR
https://ko-fi.com/oalabs
OALABS GITHUB
https://github.com/OALabs
UNPACME - AUTOMATED MALWARE UNPACKING
https://www.unpac.me/#/
-----
Original sample:
0ca2971ffedf0704ac5a2b6584f462ce27bac60f17888557dc8cd414558b479e
https://cape.contextis.com/analysis/2...
Stage1 (packed UPX):
7f463bd55aa360032fbd6489b4e34455178a35254ff66c1cd98d0775437074b4
https://cape.contextis.com/analysis/2...
Stage2 (custom injector):
89a0325379e1e868b668955ed41ba0faa724845028bc961a0691f19e5213dedf
https://cape.contextis.com/analysis/2...
Talos blog post on Bokbot injection method:
https://blog.talosintelligence.com/20...
Vitali Kremez analysis of IcedID:
https://www.vkremez.com/2018/09/lets-...
TUTORIAL - How to setup a FREE malware analysis VM
https://oalabs.openanalysis.net/2018/...
Stay tuned for PART 2 ...
Feedback, questions, and suggestions are always welcome : )
Sergei / herrcore
Sean / seanmw
As always check out our tools, tutorials, and more content over at https://www.openanalysis.net