Absolutely useful and well made video ! these type of analysis are super important to learn , would love to see more of these in the future :-) Thanks a ton.
@@handan4828 if you ask someone how find/exploit a software/system you will get that answer. and insulting someone has never helped. i think your mature enough to discuss without insulting.
Ippsec I love your CTF videos, but why didn't you base64 decode the palyload, and then do some strings on the files, and stay over the static analysis? And at the end move to dynamic
Cool videowriteup =) Conduct further investigation of that malware. Subscribers are waiting xD Could you drop reference to malicious document itself and .exe ? I'd like to repeat what you did and examine PE further with IDA and dynamic analysis.
The URLS that host the malicious executable are in the video and not a pain to type. Try going there to download it. I really don't want to put malware in a public space, even if I zipped it up with a simple pw.
I have malware on my iPhone and Computer don’t know how to Get rid of it.. I hear random phone dials when I talk on the phone and my computer is weird glitchy just like my phone it flashes when I close or open random apps any help?? I just got a macros malware when I open my Microsoft Word sucks man so easy to tell I have malware but so hard to get rid off...
Hello Ippsec. Can you make a sequel of this video in which the .docx file is password protected and the vba script is preventing password removal and viewing of the macros code? I usually use sandboxie with buster to analyse these, but curious to see what your approach is.
hey. sorry for being late. if you can trust the documentation, the macro source is not encrypted - only the document it self is. -> MS Office files encrypted with a password are also supported, because VBA macro code is never encrypted, only the content of the document.
Your best bet is to google around for malicious documents to try - I don’t have it anymore and didn’t upload anywhere because it was legitimate malware and i didn’t want to distribute it
Absolutely useful and well made video !
these type of analysis are super important to learn , would love to see more of these in the future :-)
Thanks a ton.
You should totally do more off-topic things like this
Such a brilliant explaination.🤩 Very useful
You make everything seem so easy and simple! Best security youtube channel!
This video was great :) I actually prefer this to the CTF videos, plz make more like this :)
@@handan4828 we wont help you create malware
@@handan4828 why are you suddenly so triggered
@@handan4828 i can create malware. but i dont like to do malware, because i can use my capabilitys to create safer software
@@handan4828 and dont ask me to prove it, because i wont
@@handan4828 if you ask someone how find/exploit a software/system you will get that answer. and insulting someone has never helped. i think your mature enough to discuss without insulting.
That was really interesting. Thanks for making this video.
I really appreciate your videos. Very insightful to understand your thought process
This vedio was awesome and more informative. We do expecting same kind of stuff.
Thanks a looooooot. So useful video. I watched it 2 times and noted a lot of new technics. Please do more videos like this. Peace.
Thank you sir.
Very helpful video.. I hope you continue uploading videos like this.. thank you so very much.
Ippsec I love your CTF videos, but why didn't you base64 decode the palyload, and then do some strings on the files, and stay over the static analysis? And at the end move to dynamic
Great content!. I'd like to see a malware executable analysis
Are you John Hammond? Your voice the same with John Hammond:)
Currently building a bro lab with ELK stack for dynamic analysis. Would love to see some bro!
Great video, very useful!
Cool videowriteup =) Conduct further investigation of that malware. Subscribers are waiting xD
Could you drop reference to malicious document itself and .exe ?
I'd like to repeat what you did and examine PE further with IDA and dynamic analysis.
The URLS that host the malicious executable are in the video and not a pain to type. Try going there to download it. I really don't want to put malware in a public space, even if I zipped it up with a simple pw.
Thanks man, really interesting!
I have malware on my iPhone and Computer don’t know how to Get rid of it.. I hear random phone dials when I talk on the phone and my computer is weird glitchy just like my phone it flashes when I close or open random apps any help?? I just got a macros malware when I open my Microsoft Word sucks man so easy to tell I have malware but so hard to get rid off...
You should run burp suit in the background for http history
Awesome video! Do you have Base64 Decode in Notepad++?
Awesome video man.
Amazing stuff.. thx for sharing..
Awesome video!!!
Awesome video! I'd love to try thing like this so please keep the tips on how to do it safely coming! Whats your take on Windows Sandbox?
Hello Ippsec.
Can you make a sequel of this video in which the .docx file is password protected and the vba script is preventing password removal and viewing of the macros code?
I usually use sandboxie with buster to analyse these, but curious to see what your approach is.
I've never had that scenario nor a document to play with, so can't really do that sorry.
hey. sorry for being late. if you can trust the documentation, the macro source is not encrypted - only the document it self is.
-> MS Office files encrypted with a password are also supported, because VBA macro code is never encrypted, only the content of the document.
Is there info on how to create this kind of networking setup in vmware/virtualbox anywhere?
you can just install fiddler in your VM, does the job :) see www.telerik.com/fiddler
The first time I see that someone dared to run Emotet
you're elite !
Current spike in emotets brought me here! 😁
My laptop and mobile is effected with spyware how can i gather info about the attackers to get them to law
Awesome!
Could you please demonstrate how to use oledump tool to extract attachment from .msg files OLE? and view macro code!
You should do this on other viruses
this is awesome
is the malware analisis using Bro video uploaded yet .. i would like to see that
thanks
Please make more!!!
What VM software are you using?
will the docx file infect or execute the malware if I run a linux ubuntu with openoffice?
No
Do you have any walkthrough of picoctf?
Hey! how can I get that word document so that I can try this for myself.
Your best bet is to google around for malicious documents to try - I don’t have it anymore and didn’t upload anywhere because it was legitimate malware and i didn’t want to distribute it
How do you setup your ubuntu router
rip emotet :c
🤪