Zombieware @OALABS

OALabs | Zombieware @OALABS | Uploaded 5 months ago | Updated 2 hours ago
Self-replicating malware, long abandoned by its operators, continues to contribute significant volume and noise to malware feeds. We investigate this trend, which we refer to as Zombieware!

Join us on Patreon for Part 2 where we reverse engineer a popular file infector and write an extractor to recover the infected files!

patreon.com/posts/zombieware-part-103656376

Full Zombieware blog post can be found on our UnpacMe blog here: blog.unpac.me/2024/04/25/zombieware

Ladislav Zezula's excellent talk from BSides Prague can be found here:
youtube.com/watch?v=OgXvd-Wce9o

-----
OALABS DISCORD
discord.gg/oalabs

OALABS PATREON
patreon.com/oalabs

Twitch
twitch.tv/oalabslive

OALABS GITHUB
github.com/OALabs

UNPACME - AUTOMATED MALWARE UNPACKING
unpac.me/#
-----

Analyzing Hancitor DLL Live - Lets Build A Config Extractor!

What is a Breakpoint - Debugging Explained

View Disassembly and Pseudocode Windows Synchronize Side-by-Side In IDA Pro [ Patreon Unlocked ]

Unpacking Gootkit Part 2 - Debugging Anti-Analysis Tricks With IDA Pro and x64dbg

IDA Pro Scripting Intro - Automate Dynamic Import Resolving for REvil Ransomware

Lazy String Decryption Tips With IDA PRO and Shade Ransomware Unpacked!

Unpacking Process Injection Malware With IDA PRO (Part 1)

What The Security Industry Should Know About Reverse Engineering [ Reverse Engineering AMA ]

Control Flow Flattening Obfuscation Explained Practically [ Twitch Clip ]

IDA Pro Decompiler Basics Microcode and x86 Calling Conventions