Analyzing the Zeus Banking Trojan - Malware Analysis Project 101

แชร์
ฝัง
  • เผยแพร่เมื่อ 26 พ.ย. 2024

ความคิดเห็น • 57

  • @ruzu.
    @ruzu. ปีที่แล้ว +4

    ive sat through a lot of cyber threat related presentations and this was great! very informative and you have a really good presenter voice.

  • @BreakingStupidity
    @BreakingStupidity ปีที่แล้ว +2

    Very cool and in depth analysis. Haven’t finished the video but already just loving finding all these tools for malware detection and analysis

  • @vitss02
    @vitss02 8 หลายเดือนก่อน

    This is the best Trojan. I am glad that I was familiar with the author of this magnificent virus and was in his group back in 2011.

  • @gitgudsec
    @gitgudsec 9 หลายเดือนก่อน

    this is really incredible grant, hope there are future eps in the work!

  • @bishophunter6955
    @bishophunter6955 ปีที่แล้ว +2

    I really enjoy your channel keep them coming. what I was needing. Thank you

  • @mattheworr7059
    @mattheworr7059 9 หลายเดือนก่อน

    Thanks for breaking everything down! Great for beginners and pros alike

  • @Manavetri
    @Manavetri 3 หลายเดือนก่อน

    Brilliant. I hope you create more content like this one !!!
    Thank you for sharing

  • @AvinashKumar-fe8xb
    @AvinashKumar-fe8xb ปีที่แล้ว +4

    Mind blowing. keep bringing these kind of wholesome videos. It really inspired to me get started being a newbie.. 😍 Few question though
    1. I wonder why didn't you mention defanging the binary before performing all the static analysis.
    2. Will there be more in depth analysis of malware in future videos? Like dissecting source code, if it can be recovered in some way. So that we can understand how it actually deleted itself and placed itself inside google update .

    • @collinsinfosec
      @collinsinfosec  ปีที่แล้ว +2

      Happy to help.
      1. Great point. I didn't mention defanging for this sample, since it wasn't necessary. But this was an oversight on my end, for safe handling, always defang!
      2. Yes, hopefully. There will be more content to come. I still yet to learn some advanced analysis techniques.

    • @mehervardhan2177
      @mehervardhan2177 ปีที่แล้ว

      can you please suggest any malware course outside and what course are you learning
      @@collinsinfosec

  • @MrIntake
    @MrIntake ปีที่แล้ว

    As soon as i finished watching the build for a lab, talk about perfect timing :)

  • @ME-L3U
    @ME-L3U ปีที่แล้ว

    20:35, Another way to keep your anxiety in check is to remove the .exe file extension meaning if you accidentally double-clicked on the file it won't recognize it as an executable and it won't execute, and change the file extension anxiety free just use the command line or PowerShell to change the files .exe extension to the file name with no extension.

  • @lexiriam
    @lexiriam 11 หลายเดือนก่อน

    first off, great video. Exciting to work with something live and be guided as we go. There are a few things that I would hope you may touch up on with your next video. Someone commented about defanging. That sounds important. As for me, I would like to know what to do with the malware files after one is done. Does one simply turn off the VM or does one send the files to the trash bin, recycle, and then shut down the FlareVM window, or can we just simply reset the Snapshot? I know it sounds silly to ask, but definitely would help. Keep up the great work and again, looking forward to more of your videos.

  • @dekra6242
    @dekra6242 ปีที่แล้ว

    Amazing Video! I learned a lot. Keep up the good work!

  • @SreejithRc
    @SreejithRc 17 วันที่ผ่านมา

    Great Video 👏

  • @rob2rox
    @rob2rox ปีที่แล้ว

    intro is the uac bypass method, loops until you press yes

  • @kishanpatel-uk8su
    @kishanpatel-uk8su 9 หลายเดือนก่อน +2

    Hey man, I don’t comment much on TH-cam videos but you helped me with my capstone project for school. Thank you for your content!

  • @ChadVanHalen5150
    @ChadVanHalen5150 10 หลายเดือนก่อน

    This is really well done
    However my malware was not acting at all the same way as yours was, it didn't ask to run any app and it had maybe one or two processes in the process tree. When detonating on WireShark, multiple times, never got a peep out of it. Made sure I was running remnux and all that, and they were connected host to host, etc
    But, I was still able to run the process alongside you, which is what I was looking to do. Great experience to put on a resume.

    • @JustinLazlo
      @JustinLazlo 6 หลายเดือนก่อน

      Is it possible that it detected it was in a VM? Malware will often behave differently if it does.

    • @ftgljared
      @ftgljared 5 หลายเดือนก่อน

      @@JustinLazlo Nice, I didnt know that

  • @lydiagachari8191
    @lydiagachari8191 5 หลายเดือนก่อน

    Learnt a lot. Thank you!

  • @Hartley94
    @Hartley94 ปีที่แล้ว +2

    Thank, informative.

  • @willroberts2773
    @willroberts2773 3 หลายเดือนก่อน +1

    I am stuck at the part where you enable the internet in the FlareVM i copy everything you do but im getting not able to reach any web pages i imagine because my dns settings on FlareVM is 10.0.0.4 which is the REMnux ip. How did you get it working? thx

  • @JoeMama-dg8cl
    @JoeMama-dg8cl ปีที่แล้ว +1

    great video finished it

  • @MarcBadalBatllori
    @MarcBadalBatllori ปีที่แล้ว

    Very COOL video, are you going to do it with AWS version too? It would be amazing to see how it's done in a cloud enviroment

  • @EurekaTeklemariamHaile
    @EurekaTeklemariamHaile ปีที่แล้ว

    best video with least views

  • @ftgljared
    @ftgljared 5 หลายเดือนก่อน

    Im getting an invalid architecture error when trying to floss the executable into strings.txt

  • @omarashraf4914
    @omarashraf4914 ปีที่แล้ว

    Thank you for this wonderful project❤
    Is this the last part of the project?

    • @collinsinfosec
      @collinsinfosec  ปีที่แล้ว

      This is the last part of the project. Hope you enjoyed the series!

    • @omarashraf4914
      @omarashraf4914 ปีที่แล้ว +1

      I enjoyed it very much, thank you
      May I share it with my friends on LinkedIn and mention you?

    • @collinsinfosec
      @collinsinfosec  ปีที่แล้ว

      @@omarashraf4914 Absolutely!

  • @dharsann6515
    @dharsann6515 ปีที่แล้ว

    It would be helpful if you send the analysis report link to download. I am in need of it. Thanks

  • @tanhowseng
    @tanhowseng ปีที่แล้ว

    I can’t believe this is free

  • @PVredeemed
    @PVredeemed ปีที่แล้ว +1

    If I want to work in Cybersecurity should I get a bachelors degree in Cybersecurity or bachelors degree in Computer Science with a minor in Cybersecurity? I know you have a bachelors degree in CBS, but would you recommend it instead of CS now that you've gone through it?
    Thanks.

    • @collinsinfosec
      @collinsinfosec  ปีที่แล้ว +2

      Hi, correct, I have a Bachelor's in Cybersecurity. I recommend a Bachelor's in either. Do whichever one you find more interesting. Computer science may be more beneficial if you do not want to limit your opportunities to just security-oriented jobs after graduating. Also, many computer science degrees are well-established compared to the "newer" field of cybersecurity.
      I do not regret getting my degree in cybersecurity. I still would have chosen my degree in cybersecurity because I knew before entering university that I wanted to pursue the industry.

    • @PVredeemed
      @PVredeemed ปีที่แล้ว +1

      @@collinsinfosec Ok. Thank you so much for the reply! You have cleared up a lot of confusion!

    • @PVredeemed
      @PVredeemed ปีที่แล้ว

      @@collinsinfosec would you recommend the cybersecurity bachelors program from texas a&m commerce? I tried to post the link to the catalog but my comment keeps getting deleted. Thanks

    • @ftgljared
      @ftgljared 5 หลายเดือนก่อน

      @@PVredeemed go to wgu, thank me later, i graduated in 7 months

  • @joelogbechie2049
    @joelogbechie2049 ปีที่แล้ว

    That's a flarevm lab right ?

  • @firosiam7786
    @firosiam7786 ปีที่แล้ว

    I would like to see how malware obfuscate themselves to evade defender and all

  • @PandoraApocalypse
    @PandoraApocalypse ปีที่แล้ว

    Bro teach me how to create a Home lab to test these malware and malicious pcap stuff

  • @guilherme5094
    @guilherme5094 ปีที่แล้ว

    👍Thanks !

  • @abdullahtanveer316
    @abdullahtanveer316 ปีที่แล้ว

    Bro I need a Suggestion
    I just completed my bachelor's in computer science and now I want to do my MS in cyber security. but I'm confused there are a lot of domains and also university programs' list that make me more confused, can you help find the right program for my ms in cyber security

  • @SeniorScriptKitty
    @SeniorScriptKitty 4 หลายเดือนก่อน

    this is from 15 years ago
    surely translatable but still

  • @cvport8155
    @cvport8155 ปีที่แล้ว

    Please make vd about malware apk analysis

  • @grletgo9794
    @grletgo9794 ปีที่แล้ว

    ❤❤❤

  • @ThomasSmith-v6u
    @ThomasSmith-v6u ปีที่แล้ว

    Please sir, how do i contact you. It's very important and will be beneficial to you too

    • @collinsinfosec
      @collinsinfosec  ปีที่แล้ว

      Email is probably the best option, grant@cybercademy.org.

  • @MuhammadArhamMahmood
    @MuhammadArhamMahmood 6 หลายเดือนก่อน

    can anyone send me report for this

  • @PratyushSrivastava-g4k
    @PratyushSrivastava-g4k หลายเดือนก่อน

    make one by using cuckoo sandbox

  • @noorsmadi-li8rc
    @noorsmadi-li8rc ปีที่แล้ว +7

    I love your videos because they are very useful. I wish you success🤍

  • @tannisk
    @tannisk ปีที่แล้ว

    25:24