Malware Analysis - 3 ways to deobfuscate JScript and JavaScript malware
We use abstract syntax tree manipulation, regex search and replace and dynamic analysis to deobfuscate and unpack GootLoader. Each method has its own pros and cons.
GootLoader is an initial infector written in JScript. Current samples feature up to five layers of packed and obfuscated code.
Malware Analysis course:
extract called functions: helpers
gootloader unpacker:
sample:
Follow me on Twitter:
00:00 Introduction
00:26 First Layer - extract relevant functions
07:24 Regex deobfuscation
14:05 Abstract syntax tree transformations with babel
30:57 Dynamic deobfuscation
40:46 Deobfuscation method overview
41:43 GootLoader unpacker
1 view
0
0
2 months ago 00:09:02 1
Павел Таратынов: зачем “Лаборатории Касперского“ свой SIEM и что от него ожидать
2 months ago 00:41:39 1
(Не)безопасность Open Source пакетов: о доверии, культуре и инструментах DevSecOps
3 months ago 00:31:23 1
Demystifying Modern Windows Rootkits
3 months ago 00:08:27 1
How to Fix Google Ads Disapproved for Compromised Site 2024 🚫🔄 (Case Study) 📈🔓
3 months ago 00:08:01 1
new attack leaks secrets using RAM as a radio
4 months ago 02:27:57 1
Повышение квалификации специалистов по информационной безопасности
5 months ago 00:06:50 1
lol crowdstrike just destroyed the internet
5 months ago 00:28:31 1
Project Golden Dragon 2/3
5 months ago 00:31:10 1
Project Golden Dragon 1/3
5 months ago 00:32:12 1
Project Golden dragon 3/3
5 months ago 00:20:53 1
Players are in Danger
6 months ago 00:57:39 1
⚠️ Полный гайд по компьютерным вирусам для хакера или безопасника | Люди PRO
8 months ago 00:08:03 1
you will never ask about pointers again after watching this video
8 months ago 00:15:34 1
ОН ВАМ НЕ ГУСЬ! | РАЗОБЛАЧЕНИЕ Empire of Geese | ПЕРЕЗАЛИВ с канала VirusCheck
8 months ago 00:08:28 3
secret backdoor found in open source software (xz situation breakdown)
8 months ago 00:08:32 5
researchers find unfixable bug in apple computers
9 months ago 00:01:15 1
coding in c until I go completely insane
9 months ago 00:39:13 1
REDIScovering HeadCrab - A Technical Analysis of a Novel Malware and the Mind Behind It
10 months ago 00:05:30 1
Binary Ninja - Fix unresolved stack pointer
10 months ago 00:34:03 1
Linux for Hackers: LINUX commands you need to know (with OTW) // Ep 6
10 months ago 00:13:11 1
This MINI PC ships with SPYWARE! 🦠 ⚠️ I almost lost everything 😳
11 months ago 00:40:05 1
Malware Analysis - Unpacking AutoIt stub with large obfuscated script
11 months ago 00:27:09 1
Malware Analysis - C2 extractor for Turla’s Kopiluwak using Binary Refinery