Absolutely useful and well-made video! These types of analysis are super important to learn, would love to see more of these in the future :-) Thanks a ton.
@handan4828 If you ask someone how to find/exploit a software/system you will get that answer. And insulting someone has never helped. I think you're mature enough to discuss without insulting.
Ippsec, I love your CTF videos, but why didn't you base64 decode the payload, and then do some strings on the files, and stay over the static analysis? And at the end move to dynamic?
Cool video writeup =) Conduct further investigation of that malware. Subscribers are waiting xD Could you drop a reference to the malicious document itself and the .exe? I'd like to repeat what you did and examine the PE further with IDA and dynamic analysis.
The URLs that host the malicious executable are in the video and not a pain to type. Try going there to download it. I really don't want to put malware in a public space, even if I zipped it up with a simple pw.
I have malware on my iPhone and computer and don't know how to get rid of it. I hear random phone dials when I talk on the phone, and my computer is weird and glitchy just like my phone; it flashes when I close or open random apps. Any help? I just got a macro malware when I opened my Microsoft Word. Sucks, man. So easy to tell I have malware but so hard to get rid of...
Hello Ippsec. Can you make a sequel to this video in which the .docx file is password protected and the VBA script is preventing password removal and viewing of the macro code? I usually use Sandboxie with Buster to analyse these, but I'm curious to see what your approach is.
Hey. Sorry for being late. If you can trust the documentation, the macro source is not encrypted, only the document itself is. -> "MS Office files encrypted with a password are also supported, because VBA macro code is never encrypted, only the content of the document."
Your best bet is to google around for malicious documents to try - I don't have it anymore and didn't upload it anywhere because it was legitimate malware and I didn't want to distribute it.