Advertisement · 728 × 90
#
Hashtag
#MalwareAnalysisForHedgehogs
Advertisement · 728 × 90
Karsten Hahn
Karsten Hahn
@struppigel.bsky.social
2 weeks ago
Build your own AI Malware Analysis Lab with Remnux
Build your own AI Malware Analysis Lab with Remnux YouTube video by MalwareAnalysisForHedgehogs

🦔 📹 Video: Building your own AI Malware Analysis Lab
➡️ old system, 16 GB RAM
➡️ using Remnux
#MalwareAnalysisForHedgehogs #LLM
www.youtube.com/watch?v=YOdu...

0 0 0 0
Karsten Hahn
Karsten Hahn
@struppigel.bsky.social
3 weeks ago
Malware Analysis - Deobfuscating NodeJs pkg packed stealer MythJs
Malware Analysis - Deobfuscating NodeJs pkg packed stealer MythJs YouTube video by MalwareAnalysisForHedgehogs

🦔 📹 New video: NodeJs analysis when deobfuscator fails
➡️ #MythJs stealer sample
➡️ pkg VFS exploration tool
➡️ js-confuser

#MalwareAnalysisForHedgehogs
www.youtube.com/watch?v=gtLq...

0 0 1 0
Karsten Hahn
Karsten Hahn
@struppigel.bsky.social
2 months ago
Malware Analysis - Malicious MS Office files without Macros
Malware Analysis - Malicious MS Office files without Macros YouTube video by MalwareAnalysisForHedgehogs

🦔 📹 New Video: Can office files be malicious without Macros?

➡️ VSTO Add-Ins
➡️ External Templates
➡️ Checklist for Office analysis
#MalwareAnalysisForHedgehogs
www.youtube.com/watch?v=RtHH...

6 4 2 1
Karsten Hahn
Karsten Hahn
@struppigel.bsky.social
3 months ago
Malware Analysis - RenPy game, finding malware code in 2956 files, Beginner friendly
Malware Analysis - RenPy game, finding malware code in 2956 files, Beginner friendly YouTube video by MalwareAnalysisForHedgehogs

🦔 📹New Video: RenPy game loads stealer, beginner friendly
➡️ strategies for finding malware in 2956 files
➡️ extracting and decompiling RenPy
➡️ remote access tool config extraction
➡️ unpacking native payload
#MalwareAnalysisForHedgehogs #RenPy
www.youtube.com/watch?v=Fmfg...

3 1 0 0
Karsten Hahn
Karsten Hahn
@struppigel.bsky.social
4 months ago
Malware Analysis - Defeating ConfuserEx Anti-Analysis with Hooking
Malware Analysis - Defeating ConfuserEx Anti-Analysis with Hooking YouTube video by MalwareAnalysisForHedgehogs

🦔📹 New Video: Modifying string decrypter for a ConfuserEx2 variant
➡️ Defeating antis with Harmony hooks
➡️ AsmResolver
➡️ .NET string deobfuscation
#MalwareAnalysisForHedgehogs
www.youtube.com/watch?v=sARn...

3 1 0 0
Karsten Hahn
Karsten Hahn
@struppigel.bsky.social
5 months ago
Malware Analysis - Trojanized NordVPN Setup, Beginner Sample
Malware Analysis - Trojanized NordVPN Setup, Beginner Sample YouTube video by MalwareAnalysisForHedgehogs

🦔 📹 Video: Analysis of malicious NordVPN setup
➡️ beginner-suitable
➡️ sorry, no spoilers here ;)

www.youtube.com/watch?v=5-OY...

#MalwareAnalysisForHedgehogs

1 0 0 0
Karsten Hahn
Karsten Hahn
@struppigel.bsky.social
6 months ago
Malware Theory - What breakpoints to set for unpacking
Malware Theory - What breakpoints to set for unpacking YouTube video by MalwareAnalysisForHedgehogs

🦔 📹 New video: What breakpoints to set for unpacking malware?
➡️ Steps of unpacking stub
➡️ Breakpoint targets
➡️ VirtualAlloc from user to kernel mode

#MalwareAnalysisForHedgehogs #Unpacking
www.youtube.com/watch?v=fn8r...

2 2 0 0
Karsten Hahn
Karsten Hahn
@struppigel.bsky.social
7 months ago
Analysis Verdicts: There is more than Clean and Malicious
Analysis Verdicts: There is more than Clean and Malicious YouTube video by MalwareAnalysisForHedgehogs

🦔 📹 New Video: There is more than Clean and Malicious

➡️ 7 file analysis verdicts and what they mean

#MalwareAnalysisForHedgehogs #Verdicts
www.youtube.com/watch?v=XwT2...

5 3 0 1
Karsten Hahn
Karsten Hahn
@struppigel.bsky.social
8 months ago
Malware Analysis - Virut's file infection, part 3
Malware Analysis - Virut's file infection, part 3 YouTube video by MalwareAnalysisForHedgehogs

🦔 📹 Virut Part III: File infection analysis and bait file creation

#MalwareAnalysisForHedgehogs #Virut
www.youtube.com/watch?v=FcXP...

3 1 0 0
Karsten Hahn
Karsten Hahn
@struppigel.bsky.social
10 months ago
Malware Analysis - Virut's NTDLL Hooking and Process Infection, Part 2
Malware Analysis - Virut's NTDLL Hooking and Process Infection, Part 2 YouTube video by MalwareAnalysisForHedgehogs

Virut part II: process infection and NTDLL hooking 🦔📹
➡️x64dbg scripting
➡️conditional breakpoints
➡️more import table resolving
➡️fixing control flow
➡️marking up hook code

#MalwareAnalysisForHedgehogs #Virut
www.youtube.com/watch?v=nuxn...

3 3 0 0
Karsten Hahn
Karsten Hahn
@struppigel.bsky.social
11 months ago
Malware Analysis - Virut, a polymorphic file infector
Malware Analysis - Virut, a polymorphic file infector YouTube video by MalwareAnalysisForHedgehogs

🦔 📹New Video: Analysis of Virut - Part I
➡️ self-modifying code
➡️ Ghidra markup decryption stub
➡️ API resolving
➡️ unpacking
#MalwareAnalysisForHedgehogs
www.youtube.com/watch?v=250B...

3 2 0 0
Karsten Hahn
Karsten Hahn
@struppigel.bsky.social
1 year ago
Malware Analysis - Unpacking Lumma Stealer from Emmenhtal and Pure Crypter
Malware Analysis - Unpacking Lumma Stealer from Emmenhtal and Pure Crypter YouTube video by MalwareAnalysisForHedgehogs

🦔 📹 New Video: Unpacking Lumma Stealer

We continue where we left off last time and unpack the Emmenhtal to Pure Crypter to Lumma Stealer chain.

www.youtube.com/watch?v=aenO...

#MalwareAnalysisForHedgehogs #LummaStealer

6 3 2 0
Karsten Hahn
Karsten Hahn
@struppigel.bsky.social
1 year ago
Malware Analysis - Binary Refinery URL extraction of Multi-Layered PoshLoader for LummaStealer
Malware Analysis - Binary Refinery URL extraction of Multi-Layered PoshLoader for LummaStealer YouTube video by MalwareAnalysisForHedgehogs

🦔 📹 New Video: Binary Refinery deobfuscation of a LummaStealer loader (PowerShell, JScript)

www.youtube.com/watch?v=kHU_...
#MalwareAnalysisForHedgehogs #PowerShell #JScript

6 4 0 0
Karsten Hahn
Karsten Hahn
@struppigel.bsky.social
1 year ago
Malware Analysis - Writing Code Signatures
Malware Analysis - Writing Code Signatures YouTube video by MalwareAnalysisForHedgehogs

🦔 📹 Video: Learn how to write code based signatures
➡️ using privateloader as example
➡️ what to detect
➡️ where to set wildcards
➡️ how to test your rule on unpac me
www.youtube.com/watch?v=oxC9...
#MalwareAnalysisForHedgehogs #privateloader

9 7 1 1
Karsten Hahn
Karsten Hahn
@struppigel.bsky.social
1 year ago
The real reason antivirus software detects cracks
The real reason antivirus software detects cracks Why does antivirus software detect most cracks as malware or PUP?Udemy course: https://www.udemy.com/course/windows-malware-analysis-for-hedgehogs-beginner-t...

New video: Why antivirus software detects cracks as malware or PUP 🦔📹

#MalwareAnalysisForHedgehogs #cracks #antivirus
www.youtube.com/watch?v=KA7R...

2 2 0 0
Karsten Hahn
Karsten Hahn
@struppigel.bsky.social
1 year ago
Malware Analysis - D3f@ck loader from Inno Setup to JPHP
Malware Analysis - D3f@ck loader from Inno Setup to JPHP A new Malware as a Service named 'd3f(at)ck' ships as Inno Setup in its first stage and continues to download a JPHP executable. JPHP runs on the Java VM but...

🦔 📹 New Video: D3fack loader analysis

➡️ Inno Setup pascal script analysis
➡️ string deobfuscation with binary refinery
➡️ JPHP decompilation

Sample was first described by @RussianPanda9xx

www.youtube.com/watch?v=y09Z...
#MalwareAnalysisForHedgehogs #D3fackLoader

0 0 0 0
Karsten Hahn
Karsten Hahn
@struppigel.bsky.social
1 year ago
Malware Simulators cannot test Antivirus Software
Malware Simulators cannot test Antivirus Software Malware simulators cannot properly test antivirus software, nor do they improve the protection capabilities of antivirus software.I will walk you through an ...

New Video: Why malware simulators cannot tell you if a malware or technique is detected by AV🦔📹

(... unless they were specifically made for that product)

#MalwareAnalysisForHedgehogs
www.youtube.com/watch?v=yJZC...

1 0 0 0
Karsten Hahn
Karsten Hahn
@struppigel.bsky.social
1 year ago

🦔 📹 Triaging 9 Samples on VirusTotal

➡️ Why does Bitdefender dominate the detection rate?
➡️ Why do launchers look so suspicious?
➡️ Why does well-known shellcode have a low detection rate?

#MalwareAnalysisForHedgehogs #VirusTotal
www.youtube.com/watch?v=v8fR...

0 0 0 0
Karsten Hahn
Karsten Hahn
@struppigel.bsky.social
2 years ago

New Video: Unpacking JScript -> PowerShell -> XWorm with Binary Refinery

#MalwareAnalysisForHedgehogs #XWorm
www.youtube.com/watch?v=5Ztm...

1 0 0 0
Karsten Hahn
Karsten Hahn
@struppigel.bsky.social
2 years ago

🦔📹 New Video: Unpacking Methods overview and when to use them. 📦

➡️ Run and dump
➡️ Debugger and breakpoints
➡️ Self-extracting patch
➡️ Emulation
➡️ Static unpacking
#MalwareAnalysisForHedgehogs #Unpacking
youtu.be/z2r06ByQAus?...

0 0 0 0
Karsten Hahn
Karsten Hahn
@struppigel.bsky.social
2 years ago

New Video: Unpacking payload from AutoIt-based stub 🦔 📹
2 ways: fast guessing or thorough analysis

➡️ extracting AutoIt script
➡️ finding relevant code in large scripts
➡️ string decryption
➡️ quick shellcode analysis

#MalwareAnalysisForHedgehogs
www.youtube.com/watch?v=xzxg...

0 0 0 0
Karsten Hahn
Karsten Hahn
@struppigel.bsky.social
2 years ago

New Video: Deobfuscation of JScript malware like GootLoader using 3 methods 🦔

➡️ regex
➡️ AST manipulation
➡️ dynamic deobfuscation

#GootLoader #MalwareAnalysisForHedgehogs #AST #JScript

www.youtube.com/watch?v=Djap...

4 0 0 0