Malware Analysis - Unpacking Lumma Stealer from Emmenhtal and Pure Crypter

Автор: MalwareAnalysisForHedgehogs

Загружено: 2025-03-02

Просмотров: 5768

Описание:

Last time we extracted a download URL, in this video we unpack the rest of the Emmenhtal to Pure Crypter to Lumma Stealer infection chain.

Malware analysis courses: https://malwareanalysis-for-hedgehogs...

Tools: binary refinery, Sysinternals strings.exe, notepad++, dnSpyEx, NetReactorSlayer, DiE, Python 3, dnlib

string-decrypt script: https://gist.github.com/struppigel/7f...

Posh script: https://bazaar.abuse.ch/sample/0a92ab...

Posh loaded: https://bazaar.abuse.ch/sample/9297b5...

wvff.pdf (encrypted): https://bazaar.abuse.ch/sample/26b50b...

Lumma payload: https://www.virustotal.com/gui/file/2...

ConfuserEx 2 deobfuscation video: • Malware Analysis - ConfuserEx 2 Deobfuscat...

Buy me a coffee: https://ko-fi.com/struppigel
Follow me on Twitter: / struppigel

#malware #malwareanalysis #reverseengineering

00:00 Intro
00:33 Unpacking first PowerShell layer
09:17 Unpacking .NET mediafire downloader
10:16 Analyzing .NET downloader
12:07 Decrypting wvff.pdf
13:03 Deobfuscating NET Reactor 6.X
21:54 Unpacking Lumma Stealer

Malware Analysis - Unpacking Lumma Stealer from Emmenhtal and Pure Crypter

Доступные форматы для скачивания:

Скачать видео mp4

Информация по загрузке:

Скачать аудио mp3

Похожие видео

Malware Analysis - 3 ways to deobfuscate JScript and JavaScript malware

Malware Analysis - 3 ways to deobfuscate JScript and JavaScript malware

HEJT STOP! | Abcar Oldtimers

HEJT STOP! | Abcar Oldtimers

Как я запускаю и отлаживаю вредоносную службу (анализ вредоносного ПО)

Как я запускаю и отлаживаю вредоносную службу (анализ вредоносного ПО)

Анализ вредоносного ПО — игра на RenPy, находящая вредоносный код в 2956 файлах, подходит для нач...

Анализ вредоносного ПО — игра на RenPy, находящая вредоносный код в 2956 файлах, подходит для нач...

How to Install Sophos Firewall on VmWare workstation

How to Install Sophos Firewall on VmWare workstation

Взлом микропроцессора — Reverse Engineer покажет вам, как это сделать

Взлом микропроцессора — Reverse Engineer покажет вам, как это сделать

IDA Free Reverse Engineering - Step-by-Step DLL Analysis

IDA Free Reverse Engineering - Step-by-Step DLL Analysis

Malware Analysis - Virut, Unpacking a Polymorphic File Infector, Part I

Malware Analysis - Virut, Unpacking a Polymorphic File Infector, Part I

Investigating a Malicious Stealer to Learn Detect-It-Easy!

Investigating a Malicious Stealer to Learn Detect-It-Easy!

Dark Web РАСКРЫТ (БЕСПЛАТНО + Инструмент с открытым исходным кодом)

Dark Web РАСКРЫТ (БЕСПЛАТНО + Инструмент с открытым исходным кодом)

How Hackers Steal Passwords From Your Web Browser | Lumma Malware Analysis with ANY.RUN

How Hackers Steal Passwords From Your Web Browser | Lumma Malware Analysis with ANY.RUN

Analyze Malware Without Running It (Beginner Malware Analysis)

Analyze Malware Without Running It (Beginner Malware Analysis)

Malware Analysis #2 - Another Hacked YouTube Channel Distributes Lumma Stealer!

Malware Analysis #2 - Another Hacked YouTube Channel Distributes Lumma Stealer!

Malware Analysis - Unpacking Alpha Ransomware (Pt. 1)

Malware Analysis - Unpacking Alpha Ransomware (Pt. 1)

Malware Analysis Tools YOU COULD USE

Malware Analysis Tools YOU COULD USE

Win32.Trojan.Lumma/LummaStealer

Win32.Trojan.Lumma/LummaStealer

Access Unlimited Malware Samples FREE! | TheZoo Malware Repository Explained 🔥

Access Unlimited Malware Samples FREE! | TheZoo Malware Repository Explained 🔥

Getting Started with dnSpyEx - Unraveling a .NET Formbook Dropper

Getting Started with dnSpyEx - Unraveling a .NET Formbook Dropper

Reversing WannaCry Part 1 - Finding the killswitch and unpacking the malware in #Ghidra

Reversing WannaCry Part 1 - Finding the killswitch and unpacking the malware in #Ghidra

Fake CAPTCHA Runs Malware

Fake CAPTCHA Runs Malware