Open Analysis Live! We unpack TrickBot and extract its configuration file using x64dbg and a Python script from the KevinTheHermit project.
-----
OALABS DISCORD
/ discord
OALABS PATREON
/ oalabs
OALABS TIP JAR
https://ko-fi.com/oalabs
OALABS GITHUB
https://github.com/OALabs
UNPACME - AUTOMATED MALWARE UNPACKING
https://www.unpac.me/#/
-----
Packed sample (download the zip file):
Sha256: fa9ad80c0977cdbfe8419d27ca9ad909d34f1737df726f4d175f6b85b0670074
http://www.malware-traffic-analysis.n...
Unpacked Stage 2:
Sha256: 5609b3f916346146771b721ee20f7679ce87b7fc4b6a18bf6adf7201b98c5e22
https://malshare.com/sample.php?actio...
Unpacked Stage 3 (Trickbot payload):
Sha256: 54dd37adfb6917060392a89b539b8402c7166f452cd5534df6ea9df607908181
https://malshare.com/sample.php?actio...
Kevin the hermit config extractors:
https://github.com/kevthehermit/RATDe...
Modified standalone version of TrickBot extractor:
https://gist.github.com/herrcore/35ad...
Sysopfb github (more malware analysis scripts):
https://github.com/sysopfb
x64dbg:
https://x64dbg.com/#start
More TrickBot samples to practice unpacking:
http://www.malware-traffic-analysis.n...
http://www.malware-traffic-analysis.n...
http://www.malware-traffic-analysis.n...
http://www.malware-traffic-analysis.n...
Tutorial on self-injection unpacking:
• Unpacking Princess Locker and Fixing ...
Feedback, questions, and suggestions are always welcome : )
Sergei / herrcore
Sean / seanmw
As always, check out our tools, tutorials, and more content over at http://www.openanalysis.net
Watch the video "Unpacking and Extracting TrickBot Malware Configuration With x64dbg and Python" online without registration, in good quality. The video was added by user OALabs on 20 June 2018; don't forget to share the link with friends and acquaintances. It has been viewed 19,777 times on our site and liked by 451 people.