Stealer Malware Analysis Part 2 (Stream - 15/04/2025)

In this stream we continued looking at the Steac C++ variant in Binary Ninja, where we wrote automation to propagate decrypted strings across our database, reverse engineered C++ structures and began analyzing the malware's command-and-control functionality.

Learn how to reverse engineer malware: https://training.invokere.com/course/...
Notes: https://github.com/Invoke-RE/stream-n...
Twitch:   / invokereversing  
Twitter:   / invokereversing  
Mastodon: https://infosec.exchange/@invokerever...

Introduction & Previous Work 00:00
Decrypt String Global Renaming Automation 03:57
Global Import Renaming Automation 19:18
Reverse Engineering Structs 29:34
Analyzing Stealc Functionality 42:06
Wrapping Up 56:18