Myvideo

Guest

Login

Malware Analysis - Unpacking AutoIt stub with large obfuscated script

Uploaded By: Myvideo
1 view
0
0 votes
0

We look at two ways to unpack malware that was crypted with an AutoIt packer. At first we trick our way to the payload, skipping the AutoIt script altogether. At the second run we thoroughly analyse the packer stub, decrypt strings, unpack the shellcode and find the decryption function in it. Malware Analysis course: sample: binary refinery: autoit-ripper: Follow me on Twitter: 00:00 Intro 00:25 Triage 03:38 Way 1: Unpacking by guessing 10:10 Way 2: Finding the code in large scripts 12:22 String decryption 29:51 Shellcode decryption 32:19 Shellcode analysis 34:32 Config extraction 37:31 3 lessons we learned

Share with your friends

Link:

Embed:

Video Size:

Custom size:

x

Add to Playlist:

Favorites
My Playlist
Watch Later