Three and a half ways to unpack malware using Ollydbg

Author: cybercdh

Uploaded: 2017-07-11

Views: 30802

Description:

Here I demonstrate three (and a half!) ways to unpack malware. Malware is often packed to evade anti-virus detection and analysis, so it is super useful to know how to dump a sample in its unpacked form.

First I show how to unpack using UPX (which is cheating, right!), then I demonstrate the following three manual methods:

1. Eyeballing the tail jump
2. Using a hardware breakpoint on the stack
3. Pre-empting the use of GetModuleHandleA

This lets us dump the malware in its unpacked form, rebuild the headers using Scylla, and then perform more advanced behavioural / static analysis.

Tools used:
Ollydbg - http://www.ollydbg.de/
Scylla - https://github.com/NtQuery/Scylla
Process Hacker - http://processhacker.sourceforge.net/

MD5 of the sample analysed: 91208451ef36dfda1fa00444abc95808

Hope this is useful :) Feel free to submit your comments and questions, and don't forget to subscribe to my channel and follow me here: / cybercdh
