
Analyzing the Zeus Banking Trojan - Malware Analysis Project 101 

Grant Collins

⛔ Disclaimers: I take no responsibility or accountability for infection of malicious software, programs, files onto any computer or workstation. This project and videos are for educational purposes only. I do not condone the development, use of, or spreading of programs to intentionally harm assets, networks, or individuals.
Safety is key when dealing with malware. Ensure you are always following protocols when downloading and detonating a malicious sample. Follow all instructions within the courses and listed resources.
📝 Notes:
cybercademy.org/the-malware-a...
⏰ Timestamps:
0:00 - Introduction
1:01 - Overview of Analysis
3:52 - Background Info & History
7:11 - Overview of Analysis Tools
14:05 - Download Zeus Banking Trojan
19:25 - Static Analysis
55:27 - Advanced Static Analysis
1:06:36 - Dynamic Analysis
1:29:33 - Writing YARA Rule
1:40:55 - Conclusion
🔗 Links & Commands:
Zeus Banking Trojan Binary (Be Careful!) - github.com/ytisf/theZoo/tree/...
Cutter - cutter.re/
🐕 Follow Me:
Twitter: / collinsinfosec
Instagram: / _collinsinfosec
Cybercademy Discord Server: / discord
🤔 Have questions, concerns, comments?:
Email me: grant@cybercademy.org
🎧 Gear:
Laptop (Lenovo X1 Carbon Ultrabook 6th Gen): amzn.to/2O0UfAM
Monitors (Dell D Series 31.5” D3218HN): amzn.to/2EXlgRF
Keyboard (Velocifire VM01): amzn.to/2TEswfd
Headphones (Audio Technica ATH-M40x): amzn.to/2F4Tvq6
Work Monitors (Dell U4919DW UltraSharp 49 Curved Monitor): amzn.to/3yQmDhM
Desk (FLEXISPOT EW8 Comhar Electric Standing Desk): amzn.to/3S9OxvG

Published: 1 Jun 2024

Comments: 46
@BreakingStupidity 9 months ago
Very cool and in depth analysis. Haven’t finished the video but already just loving finding all these tools for malware detection and analysis
@ruzu. 6 months ago
I've sat through a lot of cyber threat related presentations and this was great! Very informative and you have a really good presenter voice.
@bishophunter6955 9 months ago
I really enjoy your channel keep them coming. what I was needing. Thank you
@faanross 3 months ago
this is really incredible grant, hope there are future eps in the work!
@mattheworr7059 3 months ago
Thanks for breaking everything down! Great for beginners and pros alike
@dekra6242 7 months ago
Amazing Video! I learned a lot. Keep up the good work!
@lexiriam 5 months ago
first off, great video. Exciting to work with something live and be guided as we go. There are a few things that I would hope you may touch up on with your next video. Someone commented about defanging. That sounds important. As for me, I would like to know what to do with the malware files after one is done. Does one simply turn off the VM or does one send the files to the trash bin, recycle, and then shut down the FlareVM window, or can we just simply reset the Snapshot? I know it sounds silly to ask, but definitely would help. Keep up the great work and again, looking forward to more of your videos.
@vitss02 2 months ago
This is the best Trojan. I am glad that I was familiar with the author of this magnificent virus and was in his group back in 2011.
@MrIntake 9 months ago
As soon as I finished watching the build for a lab, talk about perfect timing :)
@collinsinfosec 9 months ago
Perfect timing haha! Enjoy.
@Hartley94 9 months ago
Thanks, informative.
@JoeMama-dg8cl 9 months ago
great video finished it
@F599 7 months ago
20:35, Another way to keep your anxiety in check is to remove the .exe file extension meaning if you accidentally double-clicked on the file it won't recognize it as an executable and it won't execute, and change the file extension anxiety free just use the command line or PowerShell to change the files .exe extension to the file name with no extension.
@AvinashKumar-fe8xb 9 months ago
Mind blowing. Keep bringing these kind of wholesome videos. It really inspired me to get started being a newbie.. 😍 A few questions though: 1. I wonder why you didn't mention defanging the binary before performing all the static analysis. 2. Will there be more in depth analysis of malware in future videos? Like dissecting source code, if it can be recovered in some way. So that we can understand how it actually deleted itself and placed itself inside Google Update.
@collinsinfosec 9 months ago
Happy to help. 1. Great point. I didn't mention defanging for this sample, since it wasn't necessary. But this was an oversight on my end, for safe handling, always defang! 2. Yes, hopefully. There will be more content to come. I still have yet to learn some advanced analysis techniques.
@mehervardhan2177 8 months ago
can you please suggest any malware course outside and what course are you learning @@collinsinfosec
@MarcBadalBatllori 8 months ago
Very COOL video, are you going to do it with AWS version too? It would be amazing to see how it's done in a cloud environment
@rob2rox 7 months ago
intro is the uac bypass method, loops until you press yes
@kishanpatel-uk8su 3 months ago
Hey man, I don’t comment much on RU-vid videos but you helped me with my capstone project for school. Thank you for your content!
@ChadVanHalen5150 4 months ago
This is really well done. However, my malware was not acting at all the same way as yours was, it didn't ask to run any app and it had maybe one or two processes in the process tree. When detonating on WireShark, multiple times, never got a peep out of it. Made sure I was running remnux and all that, and they were connected host to host, etc. But, I was still able to run the process alongside you, which is what I was looking to do. Great experience to put on a resume.
@JustinLazlo 4 days ago
Is it possible that it detected it was in a VM? Malware will often behave differently if it does.
@guilherme5094 9 months ago
👍Thanks !
@noorsmadi-li8rc 9 months ago
I love your videos because they are very useful. I wish you success🤍
@omarashraf4914 8 months ago
Thank you for this wonderful project❤ Is this the last part of the project?
@collinsinfosec 8 months ago
This is the last part of the project. Hope you enjoyed the series!
@omarashraf4914 8 months ago
I enjoyed it very much, thank you. May I share it with my friends on LinkedIn and mention you?
@collinsinfosec 7 months ago
@@omarashraf4914 Absolutely!
@abdullahtanveer316 9 months ago
Bro I need a Suggestion I just completed my bachelor's in computer science and now I want to do my MS in cyber security. but I'm confused there are a lot of domains and also university programs' list that make me more confused, can you help find the right program for my ms in cyber security
@dharsann6515 7 months ago
It would be helpful if you send the analysis report link to download. I am in need of it. Thanks
@EurekaTeklemariamHaile 9 months ago
best video with least views
@PVredeemed 9 months ago
If I want to work in Cybersecurity should I get a bachelors degree in Cybersecurity or bachelors degree in Computer Science with a minor in Cybersecurity? I know you have a bachelors degree in CBS, but would you recommend it instead of CS now that you've gone through it? Thanks.
@collinsinfosec 9 months ago
Hi, correct, I have a Bachelor's in Cybersecurity. I recommend a Bachelor's in either. Do whichever one you find more interesting. Computer science may be more beneficial if you do not want to limit your opportunities to just security-oriented jobs after graduating. Also, many computer science degrees are well-established compared to the "newer" field of cybersecurity. I do not regret getting my degree in cybersecurity. I still would have chosen my degree in cybersecurity because I knew before entering university that I wanted to pursue the industry.
@PVredeemed 9 months ago
@@collinsinfosec Ok. Thank you so much for the reply! You have cleared up a lot of confusion!
@PVredeemed 9 months ago
@@collinsinfosec would you recommend the cybersecurity bachelors program from texas a&m commerce? I tried to post the link to the catalog but my comment keeps getting deleted. Thanks
@joelogbechie2049 8 months ago
That's a flarevm lab right ?
@firosiam7786 9 months ago
I would like to see how malware obfuscate themselves to evade defender and all
@cvport8155 9 months ago
Please make vd about malware apk analysis
@PandoraApocalypse 6 months ago
Bro teach me how to create a Home lab to test these malware and malicious pcap stuff
@grletgo9794 8 months ago
❤❤❤
@tanhowseng 7 months ago
I can’t believe this is free
@user-sx6ve5hr4x 9 months ago
Please sir, how do i contact you. It's very important and will be beneficial to you too
@collinsinfosec 9 months ago
Email is probably the best option, grant@cybercademy.org.
@MuhammadArhamMahmood 20 days ago
can anyone send me report for this
@tannisk 7 months ago
25:24