Malware Analysis - ZPAQ to .NET downloader to Injector DLL unpacking

Uploaded By: Myvideo

Published on

5 Nov 2023

1 view

0

0 votes

0

About Share Download Add to

A phishing attempt with an unusual archive format named ZPAQ leads to an interesting malware downloader. We debloat the sample and decrypt the downloaded .wav file with binary refinery. It turns out to be an injection DLL. We use powershell to execute it and deal with its obfuscation. Although the injector fails, we unpack the payload. Tools: zpaq, DnSpy, IlSpy, binary refinery, PortexAnalyzer, HxD Malware course: ZPAQ article: ZPAQ sample: .WAV file: Twitter: 00:00 Intro 01:27 Original article 02:33 Unpacking ZPAQ and debloating 05:35 Downloader analysis 09:14 Malware course 09:40 Decrypting the .wav file 11:49 injector analysis 16:38 String decryption with PowerShell 21:23 Unpacking the payload

Share with your friends

Link:

Embed:

<iframe width="640" height="360" src="//myvideo.cc/embed/NkoyZnlrU0MvbUxCb2RlMWU4T052NDYyL0VXdzJqQVN4R3drSGZJOGU1WT0" frameborder="0" webkitallowfullscreen mozallowfullscreen allowfullscreen></iframe>

Video Size:

Custom size:

x

Autoplay video

Hide player controls

Hide resume playing

Add to Playlist:

Favorites

My Playlist

Watch Later

Павел Таратынов: зачем Лаборатории Касперского свой SIEM и что от него ожидать

4 months ago

00:09:02

Павел Таратынов: зачем Лаборатории Касперского свой SIEM и что от него ожидать

1 59%

(Не)безопасность Open Source пакетов: о доверии, культуре и инструментах DevSecOps

4 months ago

00:41:39

(Не)безопасность Open Source пакетов: о доверии, культуре и инструментах DevSecOps

2 67%

Demystifying Modern Windows Rootkits

5 months ago

00:31:23

Demystifying Modern Windows Rootkits

1 30%

How to Fix Google Ads Disapproved for Compromised Site 2024 (Case Study)

5 months ago

00:08:27

How to Fix Google Ads Disapproved for Compromised Site 2024 (Case Study)

1 75%

new attack leaks secrets using RAM as a radio

6 months ago

00:08:01

new attack leaks secrets using RAM as a radio

1 79%

Повышение квалификации специалистов по информационной безопасности

6 months ago

02:27:57

Повышение квалификации специалистов по информационной безопасности

1 77%

lol crowdstrike just destroyed the internet

7 months ago

00:06:50

lol crowdstrike just destroyed the internet

1 39%

Project Golden Dragon 2/3

8 months ago

00:28:31

Project Golden Dragon 2/3

1 18%

Project Golden Dragon 1/3

8 months ago

00:31:10

Project Golden Dragon 1/3

1 41%

Project Golden dragon 3/3

8 months ago

00:32:12

Project Golden dragon 3/3

1 61%

Players are in Danger

8 months ago

00:20:53

Players are in Danger

1 83%

Полный гайд по компьютерным вирусам для хакера или безопасника | Люди PRO

9 months ago

00:57:39

Полный гайд по компьютерным вирусам для хакера или безопасника | Люди PRO

1 40%

you will never ask about pointers again after watching this video

10 months ago

00:08:03

you will never ask about pointers again after watching this video

1 7%

ОН ВАМ НЕ ГУСЬ! | РАЗОБЛАЧЕНИЕ Empire of Geese | ПЕРЕЗАЛИВ с канала VirusCheck

11 months ago

00:15:34

ОН ВАМ НЕ ГУСЬ! | РАЗОБЛАЧЕНИЕ Empire of Geese | ПЕРЕЗАЛИВ с канала VirusCheck

1 46%

secret backdoor found in open source software (xz situation breakdown)

11 months ago

00:08:28

secret backdoor found in open source software (xz situation breakdown)

3 45%

researchers find unfixable bug in apple computers

11 months ago

00:08:32

researchers find unfixable bug in apple computers

5 13%

Malware Analysis - JS to PowerShell to XWorm with Binary Refinery

11 months ago

00:34:11

Malware Analysis - JS to PowerShell to XWorm with Binary Refinery

1 33%

coding in c until I go completely insane

11 months ago

00:01:15

coding in c until I go completely insane

1 89%

REDIScovering HeadCrab - A Technical Analysis of a Novel Malware and the Mind Behind It

12 months ago

00:39:13

REDIScovering HeadCrab - A Technical Analysis of a Novel Malware and the Mind Behind It

1 21%

Master Wireshark: Your Ultimate Guide to Hunting Cyber Villains!

12 months ago

02:34:41

Master Wireshark: Your Ultimate Guide to Hunting Cyber Villains!

1 29%

Binary Ninja - Fix unresolved stack pointer

1 year ago

00:05:30

Binary Ninja - Fix unresolved stack pointer

1 77%

Linux for Hackers: LINUX commands you need to know (with OTW) // Ep 6

1 year ago

00:34:03

Linux for Hackers: LINUX commands you need to know (with OTW) // Ep 6

1 19%

This MINI PC ships with SPYWARE! I almost lost everything

1 year ago

00:13:11

This MINI PC ships with SPYWARE! I almost lost everything

1 36%

Malware Analysis - Unpacking AutoIt stub with large obfuscated script

1 year ago

00:40:05

Malware Analysis - Unpacking AutoIt stub with large obfuscated script

1 73%

0 Comments

Guest