OALabs | IRC Botnet Reverse Engineering Part 2 - Analyzing Memory Structures with x64dbg and IDA PRO @OALABS | Uploaded 4 years ago | Updated 3 hours ago
The second part of our in-depth malware reverse engineering series analyzing an IRC worm from 2010. In this part we use x64dbg and IDA Pro to analyzed injected memory structures and further prepare the binary for analysis. Expand for more ....
-----
OALABS DISCORD
discord.gg/6h5Bh5AMDU
OALABS PATREON
patreon.com/oalabs
OALABS TIP JAR
ko-fi.com/oalabs
OALABS GITHUB
github.com/OALabs
UNPACME - AUTOMATED MALWARE UNPACKING
unpac.me/#
-----
Automated Malware Unpacking
unpac.me
** I ate some really spicy food before filming, sorry for all the coughing... I am not ded don't worry.
IRC Botnet Reverse Engineering Part 1
youtube.com/watch?v=JPvcLLYR0tE
Unpacked binary (malshare)
malshare.com/sample.php?action=detail&hash=51e49a9ca65fac6e43827738f90bc475
SHA256 hash:
4eb33ce768def8f7db79ef935aabf1c712f78974237e96889e1be3ced0d7e619
BinDiff tutorial
youtube.com/watch?v=BLBjcZe-C3I
Feedback, questions, and suggestions are always welcome : )
Sergei twitter.com/herrcore
Sean twitter.com/seanmw
As always check out our tools, tutorials, and more content over at openanalysis.net
#MemoryInjection #Botnet #MalwareAnalysis
The second part of our in-depth malware reverse engineering series analyzing an IRC worm from 2010. In this part we use x64dbg and IDA Pro to analyzed injected memory structures and further prepare the binary for analysis. Expand for more ....
-----
OALABS DISCORD
discord.gg/6h5Bh5AMDU
OALABS PATREON
patreon.com/oalabs
OALABS TIP JAR
ko-fi.com/oalabs
OALABS GITHUB
github.com/OALabs
UNPACME - AUTOMATED MALWARE UNPACKING
unpac.me/#
-----
Automated Malware Unpacking
unpac.me
** I ate some really spicy food before filming, sorry for all the coughing... I am not ded don't worry.
IRC Botnet Reverse Engineering Part 1
youtube.com/watch?v=JPvcLLYR0tE
Unpacked binary (malshare)
malshare.com/sample.php?action=detail&hash=51e49a9ca65fac6e43827738f90bc475
SHA256 hash:
4eb33ce768def8f7db79ef935aabf1c712f78974237e96889e1be3ced0d7e619
BinDiff tutorial
youtube.com/watch?v=BLBjcZe-C3I
Feedback, questions, and suggestions are always welcome : )
Sergei twitter.com/herrcore
Sean twitter.com/seanmw
As always check out our tools, tutorials, and more content over at openanalysis.net
#MemoryInjection #Botnet #MalwareAnalysis
![View Disassembly and Pseudocode Windows Synchronize Side-by-Side In IDA Pro [ Patreon Unlocked ]](https://i.ytimg.com/vi/QZQyYkP4Bbg/hqdefault.jpg "View Disassembly and Pseudocode Windows Synchronize Side-by-Side In IDA Pro [ Patreon Unlocked ]
How to view disassembly and pseudocode windows side-by-side in IDA Pro. Subscribe for more tips: https://www.patreon.com/oalabs
OALABS DISCORD
https://discord.gg/6h5Bh5AMDU
OALABS PATREON
https://www.patreon.com/oalabs
Twitch
https://www.twitch.tv/oalabslive
OALABS GITHUB
https://github.com/OALabs
UNPACME - AUTOMATED MALWARE UNPACKING
https://www.unpac.me/#/")
![What The Security Industry Should Know About Reverse Engineering [ Reverse Engineering AMA ]](https://i.ytimg.com/vi/SffxAVWmbk4/hqdefault.jpg "What The Security Industry Should Know About Reverse Engineering [ Reverse Engineering AMA ]
What is one thing you wish your peers in the security industry knew about reverse engineering?
Big thanks to all the reverse engineers who helped us put this together!
Rattle (Jesko)
https://twitter.com/huettenhain
https://github.com/binref/refinery
Jordan (psifertex)
https://twitter.com/psifertex
https://binary.ninja/
Karsten
https://twitter.com/struppigel
https://www.youtube.com/c/MalwareAnalysisForHedgehogs
Drakonia
https://twitter.com/dr4k0nia
https://dr4k0nia.github.io/
C3rb3ru5
https://twitter.com/c3rb3ru5d3d53c
https://c3rb3ru5d3d53c.github.io/
Josh
https://twitter.com/jershmagersh
https://pwnage.io/
Dodo
https://twitter.com/dodo_sec
https://github.com/dodo-sec
Washi
https://twitter.com/washi_dev
https://washi.dev/
OALABS PATREON
https://www.patreon.com/oalabs
OALABS DISCORD
https://discord.gg/6h5Bh5AMDU
Twitch
https://www.twitch.tv/oalabslive
OALABS GITHUB
https://github.com/OALabs
UNPACME - AUTOMATED MALWARE UNPACKING
https://www.unpac.me/#/")
