Mind blowing. keep bringing these kind of wholesome videos. It really inspired to me get started being a newbie.. 😍 Few question though 1. I wonder why didn't you mention defanging the binary before performing all the static analysis. 2. Will there be more in depth analysis of malware in future videos? Like dissecting source code, if it can be recovered in some way. So that we can understand how it actually deleted itself and placed itself inside google update .
Happy to help. 1. Great point. I didn't mention defanging for this sample, since it wasn't necessary. But this was an oversight on my end, for safe handling, always defang! 2. Yes, hopefully. There will be more content to come. I still yet to learn some advanced analysis techniques.
first off, great video. Exciting to work with something live and be guided as we go. There are a few things that I would hope you may touch up on with your next video. Someone commented about defanging. That sounds important. As for me, I would like to know what to do with the malware files after one is done. Does one simply turn off the VM or does one send the files to the trash bin, recycle, and then shut down the FlareVM window, or can we just simply reset the Snapshot? I know it sounds silly to ask, but definitely would help. Keep up the great work and again, looking forward to more of your videos.
20:35, Another way to keep your anxiety in check is to remove the .exe file extension meaning if you accidentally double-clicked on the file it won't recognize it as an executable and it won't execute, and change the file extension anxiety free just use the command line or PowerShell to change the files .exe extension to the file name with no extension.
This is really well done However my malware was not acting at all the same way as yours was, it didn't ask to run any app and it had maybe one or two processes in the process tree. When detonating on WireShark, multiple times, never got a peep out of it. Made sure I was running remnux and all that, and they were connected host to host, etc But, I was still able to run the process alongside you, which is what I was looking to do. Great experience to put on a resume.
I am stuck at the part where you enable the internet in the FlareVM i copy everything you do but im getting not able to reach any web pages i imagine because my dns settings on FlareVM is 10.0.0.4 which is the REMnux ip. How did you get it working? thx
Bro I need a Suggestion I just completed my bachelor's in computer science and now I want to do my MS in cyber security. but I'm confused there are a lot of domains and also university programs' list that make me more confused, can you help find the right program for my ms in cyber security
If I want to work in Cybersecurity should I get a bachelors degree in Cybersecurity or bachelors degree in Computer Science with a minor in Cybersecurity? I know you have a bachelors degree in CBS, but would you recommend it instead of CS now that you've gone through it? Thanks.
Hi, correct, I have a Bachelor's in Cybersecurity. I recommend a Bachelor's in either. Do whichever one you find more interesting. Computer science may be more beneficial if you do not want to limit your opportunities to just security-oriented jobs after graduating. Also, many computer science degrees are well-established compared to the "newer" field of cybersecurity. I do not regret getting my degree in cybersecurity. I still would have chosen my degree in cybersecurity because I knew before entering university that I wanted to pursue the industry.
@@collinsinfosec would you recommend the cybersecurity bachelors program from texas a&m commerce? I tried to post the link to the catalog but my comment keeps getting deleted. Thanks
ive sat through a lot of cyber threat related presentations and this was great! very informative and you have a really good presenter voice.
Very cool and in depth analysis. Haven’t finished the video but already just loving finding all these tools for malware detection and analysis
I really enjoy your channel keep them coming. what I was needing. Thank you
Brilliant. I hope you create more content like this one !!!
Thank you for sharing
this is really incredible grant, hope there are future eps in the work!
This is the best Trojan. I am glad that I was familiar with the author of this magnificent virus and was in his group back in 2011.
Thanks for breaking everything down! Great for beginners and pros alike
As soon as i finished watching the build for a lab, talk about perfect timing :)
Perfect timing haha! Enjoy.
Mind blowing. keep bringing these kind of wholesome videos. It really inspired to me get started being a newbie.. 😍 Few question though
1. I wonder why didn't you mention defanging the binary before performing all the static analysis.
2. Will there be more in depth analysis of malware in future videos? Like dissecting source code, if it can be recovered in some way. So that we can understand how it actually deleted itself and placed itself inside google update .
Happy to help.
1. Great point. I didn't mention defanging for this sample, since it wasn't necessary. But this was an oversight on my end, for safe handling, always defang!
2. Yes, hopefully. There will be more content to come. I still yet to learn some advanced analysis techniques.
can you please suggest any malware course outside and what course are you learning
@@collinsinfosec
Hey man, I don’t comment much on TH-cam videos but you helped me with my capstone project for school. Thank you for your content!
Amazing Video! I learned a lot. Keep up the good work!
first off, great video. Exciting to work with something live and be guided as we go. There are a few things that I would hope you may touch up on with your next video. Someone commented about defanging. That sounds important. As for me, I would like to know what to do with the malware files after one is done. Does one simply turn off the VM or does one send the files to the trash bin, recycle, and then shut down the FlareVM window, or can we just simply reset the Snapshot? I know it sounds silly to ask, but definitely would help. Keep up the great work and again, looking forward to more of your videos.
Learnt a lot. Thank you!
Thank, informative.
intro is the uac bypass method, loops until you press yes
20:35, Another way to keep your anxiety in check is to remove the .exe file extension meaning if you accidentally double-clicked on the file it won't recognize it as an executable and it won't execute, and change the file extension anxiety free just use the command line or PowerShell to change the files .exe extension to the file name with no extension.
This is really well done
However my malware was not acting at all the same way as yours was, it didn't ask to run any app and it had maybe one or two processes in the process tree. When detonating on WireShark, multiple times, never got a peep out of it. Made sure I was running remnux and all that, and they were connected host to host, etc
But, I was still able to run the process alongside you, which is what I was looking to do. Great experience to put on a resume.
Is it possible that it detected it was in a VM? Malware will often behave differently if it does.
@@JustinLazlo Nice, I didnt know that
great video finished it
I am stuck at the part where you enable the internet in the FlareVM i copy everything you do but im getting not able to reach any web pages i imagine because my dns settings on FlareVM is 10.0.0.4 which is the REMnux ip. How did you get it working? thx
Very COOL video, are you going to do it with AWS version too? It would be amazing to see how it's done in a cloud enviroment
best video with least views
👍Thanks !
this is from 15 years ago
surely translatable but still
Im getting an invalid architecture error when trying to floss the executable into strings.txt
Thank you for this wonderful project❤
Is this the last part of the project?
This is the last part of the project. Hope you enjoyed the series!
I enjoyed it very much, thank you
May I share it with my friends on LinkedIn and mention you?
@@omarashraf4914 Absolutely!
I can’t believe this is free
I would like to see how malware obfuscate themselves to evade defender and all
❤❤❤
It would be helpful if you send the analysis report link to download. I am in need of it. Thanks
Bro I need a Suggestion
I just completed my bachelor's in computer science and now I want to do my MS in cyber security. but I'm confused there are a lot of domains and also university programs' list that make me more confused, can you help find the right program for my ms in cyber security
If I want to work in Cybersecurity should I get a bachelors degree in Cybersecurity or bachelors degree in Computer Science with a minor in Cybersecurity? I know you have a bachelors degree in CBS, but would you recommend it instead of CS now that you've gone through it?
Thanks.
Hi, correct, I have a Bachelor's in Cybersecurity. I recommend a Bachelor's in either. Do whichever one you find more interesting. Computer science may be more beneficial if you do not want to limit your opportunities to just security-oriented jobs after graduating. Also, many computer science degrees are well-established compared to the "newer" field of cybersecurity.
I do not regret getting my degree in cybersecurity. I still would have chosen my degree in cybersecurity because I knew before entering university that I wanted to pursue the industry.
@@collinsinfosec Ok. Thank you so much for the reply! You have cleared up a lot of confusion!
@@collinsinfosec would you recommend the cybersecurity bachelors program from texas a&m commerce? I tried to post the link to the catalog but my comment keeps getting deleted. Thanks
@@PVredeemed go to wgu, thank me later, i graduated in 7 months
Bro teach me how to create a Home lab to test these malware and malicious pcap stuff
Please make vd about malware apk analysis
That's a flarevm lab right ?
Please sir, how do i contact you. It's very important and will be beneficial to you too
Email is probably the best option, grant@cybercademy.org.
can anyone send me report for this
25:24
I love your videos because they are very useful. I wish you success🤍