Malware Analysis of Hancitor maldoc and initial Dlls
HTML-код
- Опубликовано: 11 сен 2024
- In this video we analyze the Hancitor maldoc and intial dll files. We extract the dll from the maldoc, then move on to extract the secondary dll payload embedded in the first dll.
Zip file for the malwares: hxxps[://]www[.]malware-traffic-analysis[.]net/2021/06/17/2021-06-17-Hancitor-Word-docs-and-DLL-files[.]zip
Malware Analysis Course Link: courses.null-c...
Academy Link: ask-academy.live/
Please provide feedback in the comments.
To continue the conversation hit me up on twitter:
🐦 Twitter - / nu11charb
#malware #Hancitor #maldoc #cobaltstrike #reverseengineering
![Chlöe - Shake (Feat. Jeremih) [Official Visualizer]](http://i.ytimg.com/vi/aDs_1ufpfv8/mqdefault.jpg)
![[DOKKAN BATTLE] Worldwide Campaign Announcement Video Part 2!](http://i.ytimg.com/vi/JpT5Voak6WA/mqdefault.jpg)
So great... Thanks for your sharing
Thanks for watching Hieu.
This is really nice. Thank you for taking the time to post this :)
I just landed in this video because of RUclips algorithm 😂. What a coincidence 🤔
Hi Nilanja, thankyou for the comment. Glad you enjoyed.
Hi Vikalp, thanks for the comment. I hope you enjoy.
@@vikalpdutttripathi Holy cow! what a coincidence, lol😂 You happened to land on the exact video that i left a comment on.
Awesome stuff. Keep them coming!!
Thanks Vikalp
Good one!!!
Thanks Ganeshkumar.
great video, thanks for sharing, this is awesome
Can you please make a video about how malware works from the phishing mail to how it spreads in the network and analyze it in the end. :D
Great Analysis! Thanks!
Thanks Tejas.
Excellent stuff. Keep sharing more content. Also, possible to upload coming videos in a better quality?
Thanks for your comment. The video is actually 1080, youtube is still processing the hd version, Some issue on thier end.
Just uploaded a new full HD version of the video, the previous version is still processing for some reason.
ruclips.net/video/SBLjg5oW274/видео.html
This video was good, but it's only in 360p. I can't read the code you are trying to point out.
Thanks for your comment. The video is actually 1080, youtube is still processing the hd version for some reason. Looks like some kind of an issue on thier end.
Just uploaded a new full HD version of the video, the previous version is still processing for some reason.
ruclips.net/video/SBLjg5oW274/видео.html
I tried running this on my own, so when i was looking at dump.bin file in dbg, i had to go 9-10 times to reach the file even though i used the same word doc and followed the exact same steps as in the video. Can you help me understand why is that so?
Hi Nilanjana, do u mean that when ur load the dump.bin in x64dbg u have to press play 9-10 to reach the dump.bin file? Are u able to get the final payload after that or there are issues after that as well?
@@ahmedskasmani Yes Ahmed i had to press play 9-10 times to reach dump.bin. But yes I was able to able to get the final payload.
@@nilanjana25 yeah that does not matter, it varies depending upon the number of dll’s being loaded. As x64dbg will load each dll it will stop there. As long as it reaches dump.bin u should be fine.
Okay. Thank you :)