An Introduction to Malware Analysis

Views: 30,599

crow

1 day ago

#malware #analysis #SquareX
🌌 Get your very own disposable browser from SquareX for free right now and surf freely, fearlessly, and securely online now! Available on Chrome, Brave, Edge, or by using their dedicated web application: sqrx.io/crow_yt
😊 Check out more from SquareX!
YouTube: youtube.com/@SquareXTeam?feat...
Twitter: / getsquarex
LinkedIn: / getsquarex
Instagram: / getsquarex
Facebook: / getsquarex
TikTok: / getsquarex
💖 Support My Work
/ cr0w
ko-fi.com/cr0ww
www.buymeacoffee.com/cr0w
Join this channel to get access to perks: / @crr0ww
🔖 My Socials
/ discord
www.crow.rip/
github.com/cr-0w
/ cr0ww_
/ crr0ww
📚 Your Homework
Reverse/analyze the "Ultima" sample from the following repository (extra points if you're able to make a report as well): github.com/cr-0w/analysis
🧙‍♂️ Channels Mentioned & Some More
@_JohnHammond
@MalwareAnalysisForHedgehogs
@OALABS
@huskyhacks
@jstrosch
@c3rb3ru5d3d53c
@lauriewired
@HackerSploit
• Practical Malware Anal...
• Malware Analysis
• Malware
🌐 Websites Mentioned
www.malwarebytes.com/glossary
www.sentinelone.com/cybersecu...
www.gdatasoftware.com/blog/ma...
0xrick.github.io/
bytepointer.com/articles/the_...
learn.microsoft.com/en-us/win...
devblogs.microsoft.com/oldnew...
microsoft.public.vb.winapi.na...
practicalsecurityanalytics.co...
www.getastra.com/blog/securit...
www.safetydetectives.com/blog...
cybermap.kaspersky.com/
👨‍🎓 Courses and Books Mentioned
www.udemy.com/course/windows-...
academy.tcm-sec.com/p/practic...
nostarch.com/malware
blog.securitybreak.io/my-top-...
🔵 FLARE-Related
github.com/mandiant/flare-vm
www.itechtics.com/enable-gped...
github.com/jeremybeaume/tools...
💚 Sourcing Malware
vx-underground[.]org/
bazaar.abuse[.]ch/
github.com/ytisf/theZoo/tree/...
github.com/topics/malware-sam...
⚠️ Disclaimer
The information presented in this video is for educational purposes only. It is not intended to be used for illegal or malicious activities. The creator and any individuals involved in the production of this video are not responsible for any misuse of the information provided. It is the responsibility of the viewer to ensure that they comply with all relevant laws and regulations in their jurisdiction.
The images and music used in this video are used under the principle of fair use for the purpose of criticism, comment, news reporting, teaching, scholarship, and research. I do not claim ownership of any of the images/music and they are used solely for the purpose of enhancing the content of the video. I respect the rights of the creators and owners of these images and will remove any image upon request by the rightful owner. Copyright Disclaimer under section 107 of the Copyright Act of 1976, allowance is made for “fair use” for purposes such as criticism, comment, news reporting, teaching, scholarship, education, and research. Fair use is a use permitted by copyright statute that might otherwise be infringing.
🕰️ Timestamps
00:00 - Intro
01:17 - The Agenda
02:29 - Novice Nerd's Disclaimer
03:05 - Browse Safely With SquareX!
06:26 - Why Malware Analysis?
09:46 - Malware Terminology
13:37 - Malware Analysis Methodology
18:30 - The PE Format
29:33 - Creating Our Malware Analysis Lab
38:50 - Sourcing Malware
40:20 - The Dissection (Analysis Walkthrough/Demo)
1:03:16 - Malware Statistics
1:05:34 - A Serious Discussion
1:09:02 - Outro

Comments: 115
@crr0ww 2 months ago
🌌 Get your very own disposable browser from SquareX for free right now and surf freely, fearlessly, and securely online now! Available on Chrome, Brave, Edge, or by using their dedicated web application: sqrx.io/crow_yt
@hackwithprogramming7849 2 months ago
Hi bro, you make amazing videos. Love from India
@crr0ww 2 months ago
@hackwithprogramming7849 thank you so much, i appreciate that
@floriansalingue3637 1 month ago
probably the first time that I'm following a sponsor, damn, this one is amazing, just like your vid man
@ruthwikkrishna8234 2 months ago
looking forward to more videos. one of the most underrated channels. Looking for more videos from you!!!
@crr0ww 2 months ago
you're too kind, thank you so much, seriously
@lumikarhu 2 months ago
best channel hands down, beats the crap out of the boring JH channel lol
@judai3 1 month ago
I really dig the fact that you reference and leave links to blog posts that helped you study those topics. Personally, it helps me very much: I can pause the video, read up on some of those materials, then confront what I learned from the posts with the info I got from your videos and vice versa. Really enhances and speeds up the learning process. Many thanks for your efforts, I only recently discovered your channel and since then I practically binge-watched everything
@yeahmanitsmurph 2 months ago
I prefer using PEstudio and CAPA because they complete a lot of the beginning steps (file type, hashes, strings, malicious APIs etc). CAPA will even map malicious APIs/functions to the MITRE ATT&CK Framework. Also CAPA even has plugins for IDA and Ghidra, so you can map the addresses for these functions when you're doing dynamic analysis. A good example would be a sample that is VM-aware: CAPA could map it to the check/interrupt, you can then jump to that address and change any flags, values or just NOP sled the crap out of it to force the process to continue.
@crr0ww 2 months ago
i'll definitely be taking a look into that! thank you very much for letting me know and for commenting
@xylentantivirus 2 months ago
I use CAPA, SIGMA, IDS, SUBLIME etc.
@agadaFrancisLouis 28 days ago
@crr0ww please, upload a video after looking into it 🙏🙏❤
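The "beginning steps" that @yeahmanitsmurph lists above (file type, hashes, strings, suspicious APIs, a mapping to ATT&CK) are exactly what a first static pass does before any debugger is opened. The script below is an added example for this page, not code from the video, the channel, PEstudio or capa: it walks the PE headers by hand with the standard library (DOS header, PE signature, COFF header, optional-header magic and entry point, section table), computes hashes and per-section entropy, pulls ASCII strings, and flags the things a triage analyst looks at first (RWX sections, odd section names, packed-looking sections, an entry point sitting in a writable section). The PE image it analyses is constructed inline and contains no code, so it is inert; the API-to-technique table is a hand-picked assumption for illustration, not capa's rule set.

```python
# Static PE triage, standard library only (no pefile): hashes, header and
# section sanity checks, entropy, ASCII strings and a small API -> ATT&CK lookup.
import hashlib
import math
import re
import struct
from collections import Counter

SCN_MEM_EXECUTE = 0x20000000  # IMAGE_SCN_MEM_EXECUTE, winnt.h
SCN_MEM_WRITE = 0x80000000    # IMAGE_SCN_MEM_WRITE
COMMON_SECTIONS = {".text", ".rdata", ".data", ".rsrc", ".reloc", ".idata",
                   ".edata", ".pdata", ".bss", ".tls", ".CRT"}
SUSPICIOUS_APIS = {  # hand-picked subset (assumption), NOT capa's rules; ID = usual technique
    "VirtualAllocEx": "T1055 Process Injection",
    "WriteProcessMemory": "T1055 Process Injection",
    "CreateRemoteThread": "T1055 Process Injection",
    "IsDebuggerPresent": "T1622 Debugger Evasion",
    "GetProcAddress": "T1129 Shared Modules",
    "URLDownloadToFileA": "T1105 Ingress Tool Transfer",
}

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0..8); packed or encrypted data sits near 8."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

def strings(data: bytes, min_len: int = 5) -> list:
    """Printable ASCII runs, the cheap first look that strings(1) or PEstudio gives you."""
    return [m.group().decode() for m in re.finditer(rb"[\x20-\x7e]{%d,}" % min_len, data)]

def triage(data: bytes) -> dict:
    """Walk DOS -> PE signature -> COFF -> optional -> section headers and collect findings."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature at e_lfanew")
    machine, nsec, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    opt = e_lfanew + 24
    magic = struct.unpack_from("<H", data, opt)[0]
    bitness = {0x10B: "PE32", 0x20B: "PE32+"}.get(magic, f"unknown magic {magic:#x}")
    entry = struct.unpack_from("<I", data, opt + 16)[0]  # AddressOfEntryPoint (RVA)
    findings, sections = [], []
    for i in range(nsec):
        name, vsize, va, rsize, rptr, _, _, _, _, flags = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + i * 40)
        name = name.rstrip(b"\0").decode(errors="replace")
        ent = entropy(data[rptr:rptr + rsize])
        sections.append({"name": name, "va": va, "vsize": vsize, "rsize": rsize,
                         "entropy": round(ent, 2), "flags": flags})
        if flags & SCN_MEM_WRITE and flags & SCN_MEM_EXECUTE:
            findings.append(f"{name}: writable and executable section")
        if name not in COMMON_SECTIONS:
            findings.append(f"{name}: unusual section name")
        if ent > 7.0:
            findings.append(f"{name}: high entropy {ent:.2f} (packed/encrypted? T1027.002)")
        if rsize and vsize > 2 * rsize:
            findings.append(f"{name}: virtual size {vsize:#x} >> raw size {rsize:#x} (unpacks in memory?)")
    home = [s for s in sections if s["va"] <= entry < s["va"] + max(s["vsize"], s["rsize"])]
    if not home:
        findings.append(f"entry point {entry:#x} is outside every section")
    elif home[0]["flags"] & SCN_MEM_WRITE:
        findings.append(f"entry point {entry:#x} is in writable section {home[0]['name']}")
    api_hits = {s: SUSPICIOUS_APIS[s] for s in strings(data) if s in SUSPICIOUS_APIS}
    return {"md5": hashlib.md5(data).hexdigest(), "sha256": hashlib.sha256(data).hexdigest(),
            "machine": machine, "bitness": bitness, "entry": entry, "sections": sections,
            "api_hits": api_hits, "findings": findings}

def build_sample() -> bytes:
    """Constructed, inert PE32+ image (no code, never executes): a normal .text plus a
    packer-style UPX1 section (RWX, high entropy, grows in memory) that owns the entry point."""
    hdr = bytearray(0x200)
    hdr[:2] = b"MZ"
    struct.pack_into("<I", hdr, 0x3C, 0x40)  # e_lfanew
    hdr[0x40:0x44] = b"PE\0\0"
    struct.pack_into("<HHIIIHH", hdr, 0x44, 0x8664, 2, 0, 0, 0, 240, 0x22)  # COFF: x64, 2 sections
    struct.pack_into("<H", hdr, 0x58, 0x20B)        # optional header magic: PE32+
    struct.pack_into("<I", hdr, 0x58 + 16, 0x2000)  # AddressOfEntryPoint inside UPX1
    sec = 0x58 + 240
    struct.pack_into("<8sIIIIIIHHI", hdr, sec, b".text", 0x200, 0x1000, 0x200, 0x200,
                     0, 0, 0, 0, 0x60000020)  # CODE | EXECUTE | READ
    struct.pack_into("<8sIIIIIIHHI", hdr, sec + 40, b"UPX1", 0x3000, 0x2000, 0x400, 0x400,
                     0, 0, 0, 0, 0xE0000040)  # INITIALIZED_DATA | EXECUTE | READ | WRITE
    text = bytearray(0x200)
    blob = b"kernel32.dll\0VirtualAllocEx\0CreateRemoteThread\0IsDebuggerPresent\0"
    text[:len(blob)] = blob
    packed, seed = b"", b"constructed"  # a sha256 chain stands in for packed code
    while len(packed) < 0x400:
        seed = hashlib.sha256(seed).digest()
        packed += seed
    return bytes(hdr) + bytes(text) + packed

if __name__ == "__main__":
    report = triage(build_sample())
    print(report["bitness"], f"machine={report['machine']:#x}", report["sha256"])
    for s in report["sections"]:
        print(f"  {s['name']:<8} va={s['va']:#x} raw={s['rsize']:#x} entropy={s['entropy']}")
    print("\n".join(f"  API {a} -> {t}" for a, t in report["api_hits"].items()))
    print("\n".join(f"  [!] {f}" for f in report["findings"]))
```

Run it on a real file by replacing `build_sample()` with `open(path, "rb").read()` inside an isolated VM. None of the heuristics is proof of malice on its own (a legitimate `.bss` also has a large virtual size and no raw data, and many installers are UPX-packed); they are prompts for where to look next, which is the same role capa's ATT&CK tags play. String matching here only catches names that appear in the clear, so an import table resolved at runtime through `GetProcAddress` with encrypted strings will show nothing but that one API, which is itself a useful signal.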
@daesk 2 months ago
wake up babe crow has uploaded a video
@hardlyprogramming 25 days ago
I believe you mentioned Obsidian in there somewhere; I'm a big fan of it for note-taking during analyses. Also glad you called out the fun suckers. Just because something is gamified or might seem pointless to others doesn't mean it lacks educational value. For example, I've learned a lot about assembly by reverse-engineering the serial routines of old 2000s rogue antivirus programs, a task many might dismiss as utterly pointless! 😆 You're creating some really great content here and I'm looking forward to more.
@-uz 2 months ago
I love your high quality videos, I can't wait for the next one. I love how you explain these concepts straight to the point and easily understandable
@courageousmelon5654 1 month ago
My man, I understand the reluctance to call yourself a malware analyst. But a person driving a truck is a truck driver. Give yourself some credit, this was inspiring.
@WesselvanderGoot-tb9gg 1 month ago
Wow, did not see a malware analysis series coming! Excellent timing, since I'm currently doing PMAT from TCM Security. Thanks for the amazing content!
@mynameisIE123 2 months ago
Malware analysis is one of my fav topics. Happy to know this channel and waiting for other instructional videos!
@felvte370 2 months ago
IT'S HERE! Thank you so much Crow :)
@christian_leone 2 months ago
This new series is going to be sick man! Really cool vid
@arnavshukla2408 2 months ago
blue teaming always gives you another perspective towards security and cyber-health in general. love your creative direction. take care. peace
@crr0ww 2 months ago
100% true! thank you so much for commenting
@arnavshukla2408 2 months ago
@crr0ww much love.
@giorpy 2 months ago
oh my god new crow upload i just fell to my knees and cried tears of joy
@sinclairxs9856 2 months ago
So good to see you're back! Amazing content, it keeps me motivated in my study journey. I would like to send this to some friends, but they don't speak English (we're from Brazil). Do you accept subtitles? I would like to help this reach more people
@MalwareAnalysisForHedgehogs 1 month ago
Hey, thank you for the mention :)
@Jsoulis 2 months ago
Love this, I recently started getting into maldev and mal analysis too
@zyadelzyat 2 months ago
thank you for all the great content here, i am learning malware analysis and your malware development series contains a lot of concepts needed for blue teaming thx 💙
@yannickmiehle 2 months ago
What an informative video and such an interesting topic. I hope to see more from you in the future. Everything you do is so well explained and there are few quality sources on this (I feel like) gatekept skillset. Keep those vids coming, I am eating them up like it's nothing even though they are like an hour long each!
@crr0ww 2 months ago
thank you so much ❤:D that means a lot to me
@b3rn4rd01 2 months ago
New subscriber. Fun and educational info. Love the Regular Show titles 😂
@victorsoler8117 1 month ago
Maybe the most inspiring video I've ever seen on YouTube. Looking forward to more videos, to play FF14 and also aiming to become an expert on maldev and malanalysis :)
@joanjordanov9480 2 months ago
looking forward to the series!!!!! Love the content
@crr0ww 2 months ago
thank you so much!! :) i appreciate it
@Nihillius 2 months ago
underrated channel. appreciate it man🙏
@SweeZyGuMiMax 25 days ago
Great video man! Can you do one on process ghosting or fork&run?
@theviralhub245 2 months ago
This gotta be one channel that has some good quality when it comes to security content. Just wish you carried on with the binary exploitation track. Maybe dive into exploitation techniques like ROP chaining, format string vulns to leak important data from the stack and many others. Think about it crow ;-). Love the content though bro. Keep it up
@crr0ww 2 months ago
thank you so much! that means so much to me :) and don't worry, i haven't forgotten my roots, a whole binexp series is planned as well :)
@curious_cripple 2 months ago
Very good video, excited for part two
@manunganga4110 2 months ago
You're back 🔥🔥🔥🔥🔥🔥🔥🔥🔥.
@minhducnguyen1271 2 months ago
Loving your content
@jackgoelden 2 months ago
As always, awesome video.
@shahrukhabrar 2 months ago
Time to grab popcorn
@theecodepoet 3 days ago
This was amazing, thank you so much
@PurpleRabbitx 2 months ago
So awesome! Blue team for the win!
@november448 2 months ago
I can't wait to watch this
@Cheesybeer 2 months ago
Love your vids! Will there ever be a video about beacon object files / C2 focused evasion techniques as well? ^^ PS: you make learning a lot more fun :)
@crr0ww 2 months ago
thank you so much!! that's so sweet :D and yes! i don't know the *exact* details but i might cover C2 servers, their uses, setup, BOFs, maybe even a series on making our own ;p we'll see but yes it's def planned! thank you for your kind words
@Cheesybeer 2 months ago
@crr0ww Awesome!! looking forward to it, as well as all your other new vids :)
@halmirofigliolo1637 1 month ago
Cheers from Italy!
@lepuzki 2 months ago
Nice timing
@manasuniyal2897 2 months ago
I am here, learning from you. Please share other resources with us like books or other references where we can learn more about the development of malware and
@crr0ww 2 months ago
hi there! thank you for commenting! you can check the description for some extra resources regarding malware analysis :)
@REZOLVER 2 months ago
Wow! Best video!!!
@Dreom 2 months ago
Hehe new video 🎉
@RazviOverflow 20 days ago
Thank you for your videos :)
@Luna0wl 2 months ago
Comment for the algo. PS: make more, your vids are awesome!
@crr0ww 2 months ago
thank you so much!! :D
@redarrowgaming4700 2 months ago
What is the virtual machine software being used? Is it VMware Workstation Player? I use VirtualBox but that looks easier and better, or I just may not know how to snapshot using VirtualBox
@tx5648 1 month ago
Your voice is unique!! Unfortunately it's only distracting me from getting what I NEED HERE 😔
@gamerkarir306 2 months ago
1:11 AAAAAAAAAAHHHHHHHHHHH
@sinatra02 2 months ago
GLITTERYCHOCOBO123??!! crow i wish you were real
@noorkhara1429 2 months ago
he's real in our hearts
@sud0gh0st 2 months ago
The main reason to learn analysis / RE: free 0days :p
@Cheesybeer 2 months ago
Keep it up :)
@m_ism 2 months ago
Holy shit crow video spotted
@grjesus9979 2 months ago
Video starts at 6:30
@piolix0004 2 months ago
GET this shit into everyone's recommended I CANNOT believe it wasn't in mine until now
@crr0ww 2 months ago
LOVE YOU POLIO
@Celestenshi 2 months ago
Thanks
@crr0ww 2 months ago
!!!! thank you so much wtf
@bamboooz3201 2 months ago
I analysed this video and found out it was epic.
@crr0ww 2 months ago
i analyzed YOUR comment and found out YOU were epic. thank you so much for commenting
@Hazem_Samir 2 months ago
Are you not gonna continue the malware development course?
@crr0ww 2 months ago
i 100% will be! just taking a look into the blue-teaming side of things :p
@zishanahmad8458 2 months ago
any prerequisites needed to follow along the series in case of a beginner?
@crr0ww 2 months ago
nope! i'll try to cover everything as we proceed :)
@faanross 2 months ago
there go my plans for the day😅
@crr0ww 2 months ago
:')
@Zetty 2 months ago
Another banger by corvid jones
@crr0ww 2 months ago
corbid joens
@Zetty 2 months ago
jormid cone
@crr0ww 2 months ago
@Zetty cormo june?
@Gobillion160 2 months ago
cool beans
@sk_sandeepp 1 month ago
DISCORD LINK IS EXPIRED
@anandvenkatraman8983 2 months ago
@4sakenGol3m 18 days ago
Just like I, lol @30:37
@lumikarhu 2 months ago
i work as a blue teamer, forget it. i want to get back to red teaming again.. maldev and malanalysis is cool but that doesn't mean you have to become the blasphemous blueteamer bro
@xX_H347H3R_Xx 2 months ago
Oh no Mr. Crow, please don't expose my meoware... with your... sexy voice and informative tutorials.👉👈
@TheHashCrackingSlasher 2 months ago
Damn, I'm early as shit
@aminel2a 2 months ago
3:45 * let's say free means you don't pay with money 😅
@kismet4023 2 months ago
my favourite poookie wooooookie!!
@golanoski1 1 month ago
Idk how I feel about clicking links given to me by a malware development specialist. 🤔
@noorkhara1429 2 months ago
(о´∀`о) new cr0w vid !!!!!! :3 yippee
@inLoopie 2 months ago
brother you need to chill with the attack time on your compressor, every word is just popping lol
@dharanisanjaiy 2 months ago
Kawwwwwwwww
@sgwaic 2 months ago
first
@yassinemedouar5324 14 hours ago
BRO COME BAAAACK IT'S BEEN 2 MONTHS NOW, WE MISS THE JOKES
@yassinemedouar5324 14 hours ago
sry caps, and the educational content ofc :))
@RealCatDev 2 months ago
meOwU
@sleepinggoose7259 2 months ago
you sound like Korean
@i_need_storage 2 months ago
my favorite least favorite youtuber just uploaded
@crr0ww 2 months ago
🗣🔥❗❗❗❗
@MegaNatebreezy 1 month ago
Way too much fluff… get to the point and stop going off on tangents bruh
@Celestenshi 1 month ago
bro doesn't understand comedy
@MegaNatebreezy 1 month ago
@Celestenshi my guy… the video is literally 1 hr and 10 mins what u smoking on
@V0ngard3n 2 months ago
I still can't believe it….CROW ma' boy you made my day!!! Big love from Romanian Underworld 🛰🖤
@crr0ww 2 months ago
much love, brother!! u just made mine