Категории

PDF Malware Analysis with Volatility, Any.Run & VirusTotal

Опубликовано: 30 Апрель 2024
на канале: Motasem Hamdan | Cyber Security & Tech
908
44

In this video walkthrough, we covered a cyber incident response case study that involved a malicious PDF malware delivered through a phishing email. The PDF malware once opened, spawned a powershell session in a hidden window that execute a base64 encoded command to retrieve another malicious file from a C2 server. We extracted the sample using Volatility plugins then we uploaded the sample to Virustotal and Any.run to dynamically analyze the malware and extract the related artifacts.
****
Receive Cyber Security Field, Certifications Notes and Special Training Videos
   / @motasemhamdan  
*****
Register and start analyzing malwares with Any.run
https://app.any.run/?utm_source=youtu...
******
Writeup
https://motasem-notes.net/en/memory-f...
********
Google Profile
https://maps.app.goo.gl/eLotQQb7Dm6ai...
LinkedIn
[1]:   / motasem-hamdan-7673289b  
[2]:   / motasem-eldad-ha-bb42481b2  
Instagram
  / dev.stuxnet  
Twitter
  / manmotasem  
Facebook
  / motasemhamdantty  

play_arrow
3,135,31
178 тыс

QUIEN ES EL ZOMBIE?

QUIEN ES EL ZOMBIE?
play_arrow
1,94

[PuppetConf 2014][Modules] Test Driven Development with Puppet - Gareth Rushgrove, Pupp...

[PuppetConf 2014][Modules] Test Driven Development with Puppet - Gareth Rushgrove, Pupp...
play_arrow
5

How to join Text Files easily with Free Combine Text Files 4dots

How to join Text Files easily with Free Combine Text Files 4dots
play_arrow
13

Такого вы еще не видели. Диадема/корона/ободок из бисера и натуральных камней

Такого вы еще не видели. Диадема/корона/ободок из бисера и натуральных камней "Нептун".
play_arrow
55

Настройка и работа с программным комплексом POS Интеллект

Настройка и работа с программным комплексом POS Интеллект
play_arrow
1

Best waterfall I have seen so far, AMAZING!!

Best waterfall I have seen so far, AMAZING!!
play_arrow
3,10
2

Bypass FRP T-mobile REVVL V+ 5G Android 11 latest update No PC

Bypass FRP T-mobile REVVL V+ 5G Android 11 latest update No PC
play_arrow
1,87
23

Lonely Night - เป๊ก ผลิตโชค - [ piano cover by KruNatt ]

Lonely Night - เป๊ก ผลิตโชค - [ piano cover by KruNatt ]
Похожие видео
play_arrow
FREE Short Course | Log Analysis & Management: Windows & Linux

FREE Short Course | Log Analysis & Management: Windows & Linux
play_arrow
The New Sony WF-C510 Wireless Earbuds | Review #sony #technews #earbuds #tech #technology

The New Sony WF-C510 Wireless Earbuds | Review #sony #technews #earbuds #tech #technology
play_arrow
APT42: Meet The Hackers Who Are Hacking The 2024 U.S Elections #hacker #technews #news #election

APT42: Meet The Hackers Who Are Hacking The 2024 U.S Elections #hacker #technews #news #election
play_arrow
Malware Analysis with Ghidra | TryHackMe Advanced static analysis

Malware Analysis with Ghidra | TryHackMe Advanced static analysis
play_arrow
The Linus Tech Tips Hack Explained #hacker #technews #cybersecurity #hacker

The Linus Tech Tips Hack Explained #hacker #technews #cybersecurity #hacker
play_arrow
The New Crypto Malware: Styx #hacker #cybersecurity #tech #news #crypto #cryptocurrency

The New Crypto Malware: Styx #hacker #cybersecurity #tech #news #crypto #cryptocurrency
play_arrow
The Slilpp Dark Marketplace Hack Explained #darkweb #hacker #hack

The Slilpp Dark Marketplace Hack Explained #darkweb #hacker #hack
play_arrow
Corporate Espionage Investigation | SMB Packets Decryption | TryHackMe Block

Corporate Espionage Investigation | SMB Packets Decryption | TryHackMe Block
play_arrow
Crowdstrike Outage Explained In Less Than a Minute #cybersecurity #crowdstrike #microsoft #hacker

Crowdstrike Outage Explained In Less Than a Minute #cybersecurity #crowdstrike #microsoft #hacker
play_arrow
Pyramid of Pain in Cybersecurity Explained Practically | TryHackMe Summit

Pyramid of Pain in Cybersecurity Explained Practically | TryHackMe Summit
play_arrow
XOR Cryptography with Python | TryHackMe W1seGuy

XOR Cryptography with Python | TryHackMe W1seGuy
play_arrow
Security Assessment With Atomic Red Team Tutorial | TryHackMe Atomic Red Team

Security Assessment With Atomic Red Team Tutorial | TryHackMe Atomic Red Team
play_arrow
Threat Hunting Case Study | The Strange Invoice | TryHackMe Hunt Me 1: Payment Collectors

Threat Hunting Case Study | The Strange Invoice | TryHackMe Hunt Me 1: Payment Collectors
play_arrow
Android Reverse Engineering | Part 2 | Extracting Encrypted Secrets

Android Reverse Engineering | Part 2 | Extracting Encrypted Secrets
play_arrow
Threat Hunting Techniques in Cyber Security | TryHackMe Threat Hunting: Foothold

Threat Hunting Techniques in Cyber Security | TryHackMe Threat Hunting: Foothold
play_arrow
Craft CMS CVE-2023-41892 Vulnerability Exploitation | POC

Craft CMS CVE-2023-41892 Vulnerability Exploitation | POC
play_arrow
Investigating a Hacked PhpMyAdmin Database With The Elastic Stack | TryHackMe Slingshot

Investigating a Hacked PhpMyAdmin Database With The Elastic Stack | TryHackMe Slingshot
play_arrow
Memory Forensics with Volatility | PDF Malware Analysis with Any.Run | Cyber Incident Response

Memory Forensics with Volatility | PDF Malware Analysis with Any.Run | Cyber Incident Response
play_arrow
Wazuh SIEM Explained | TryHackMe Creating Custom Wazuh Alerts

Wazuh SIEM Explained | TryHackMe Creating Custom Wazuh Alerts
play_arrow
Open Source Intelligence Techniques | The Case of Blackhat SEO | TryHackMe WebOSINT

Open Source Intelligence Techniques | The Case of Blackhat SEO | TryHackMe WebOSINT
play_arrow
Event Analysis and Logs Parsing with Splunk | TryHackMe Fixit

Event Analysis and Logs Parsing with Splunk | TryHackMe Fixit
play_arrow
Introduction to Logging & Logs | TryHackMe Intro to Logs

Introduction to Logging & Logs | TryHackMe Intro to Logs
play_arrow
Firmware Vulnerability Scanning & Security Testing with BugProve

Firmware Vulnerability Scanning & Security Testing with BugProve
play_arrow
Practical Phishing Email Analysis | PhishTool & Any.Run | TryHackMe

Practical Phishing Email Analysis | PhishTool & Any.Run | TryHackMe