Absolutely useful and well made video ! these type of analysis are super important to learn , would love to see more of these in the future :-) Thanks a ton.
@@handan4828 if you ask someone how find/exploit a software/system you will get that answer. and insulting someone has never helped. i think your mature enough to discuss without insulting.
Ippsec I love your CTF videos, but why didn't you base64 decode the palyload, and then do some strings on the files, and stay over the static analysis? And at the end move to dynamic
I have malware on my iPhone and Computer don’t know how to Get rid of it.. I hear random phone dials when I talk on the phone and my computer is weird glitchy just like my phone it flashes when I close or open random apps any help?? I just got a macros malware when I open my Microsoft Word sucks man so easy to tell I have malware but so hard to get rid off...
Hello Ippsec. Can you make a sequel of this video in which the .docx file is password protected and the vba script is preventing password removal and viewing of the macros code? I usually use sandboxie with buster to analyse these, but curious to see what your approach is.
hey. sorry for being late. if you can trust the documentation, the macro source is not encrypted - only the document it self is. -> MS Office files encrypted with a password are also supported, because VBA macro code is never encrypted, only the content of the document.
Cool videowriteup =) Conduct further investigation of that malware. Subscribers are waiting xD Could you drop reference to malicious document itself and .exe ? I'd like to repeat what you did and examine PE further with IDA and dynamic analysis.
The URLS that host the malicious executable are in the video and not a pain to type. Try going there to download it. I really don't want to put malware in a public space, even if I zipped it up with a simple pw.
Your best bet is to google around for malicious documents to try - I don’t have it anymore and didn’t upload anywhere because it was legitimate malware and i didn’t want to distribute it
Absolutely useful and well made video !
these type of analysis are super important to learn , would love to see more of these in the future :-)
Thanks a ton.
You make everything seem so easy and simple! Best security youtube channel!
This video was great :) I actually prefer this to the CTF videos, plz make more like this :)
@@handan4828 we wont help you create malware
@@handan4828 why are you suddenly so triggered
@@handan4828 i can create malware. but i dont like to do malware, because i can use my capabilitys to create safer software
@@handan4828 and dont ask me to prove it, because i wont
@@handan4828 if you ask someone how find/exploit a software/system you will get that answer. and insulting someone has never helped. i think your mature enough to discuss without insulting.
You should totally do more off-topic things like this
Such a brilliant explaination.🤩 Very useful
I really appreciate your videos. Very insightful to understand your thought process
Currently building a bro lab with ELK stack for dynamic analysis. Would love to see some bro!
Thanks a looooooot. So useful video. I watched it 2 times and noted a lot of new technics. Please do more videos like this. Peace.
That was really interesting. Thanks for making this video.
This vedio was awesome and more informative. We do expecting same kind of stuff.
Very helpful video.. I hope you continue uploading videos like this.. thank you so very much.
Awesome video! I'd love to try thing like this so please keep the tips on how to do it safely coming! Whats your take on Windows Sandbox?
Great content!. I'd like to see a malware executable analysis
Awesome!
Could you please demonstrate how to use oledump tool to extract attachment from .msg files OLE? and view macro code!
You should run burp suit in the background for http history
Awesome video! Do you have Base64 Decode in Notepad++?
Thank you sir.
Ippsec I love your CTF videos, but why didn't you base64 decode the palyload, and then do some strings on the files, and stay over the static analysis? And at the end move to dynamic
I have malware on my iPhone and Computer don’t know how to Get rid of it.. I hear random phone dials when I talk on the phone and my computer is weird glitchy just like my phone it flashes when I close or open random apps any help?? I just got a macros malware when I open my Microsoft Word sucks man so easy to tell I have malware but so hard to get rid off...
Hello Ippsec.
Can you make a sequel of this video in which the .docx file is password protected and the vba script is preventing password removal and viewing of the macros code?
I usually use sandboxie with buster to analyse these, but curious to see what your approach is.
I've never had that scenario nor a document to play with, so can't really do that sorry.
hey. sorry for being late. if you can trust the documentation, the macro source is not encrypted - only the document it self is.
-> MS Office files encrypted with a password are also supported, because VBA macro code is never encrypted, only the content of the document.
Is there info on how to create this kind of networking setup in vmware/virtualbox anywhere?
you can just install fiddler in your VM, does the job :) see www.telerik.com/fiddler
Great video, very useful!
this is awesome
is the malware analisis using Bro video uploaded yet .. i would like to see that
thanks
Thanks man, really interesting!
Current spike in emotets brought me here! 😁
Awesome video man.
Are you John Hammond? Your voice the same with John Hammond:)
Amazing stuff.. thx for sharing..
What VM software are you using?
Awesome video!!!
you're elite !
The first time I see that someone dared to run Emotet
Cool videowriteup =) Conduct further investigation of that malware. Subscribers are waiting xD
Could you drop reference to malicious document itself and .exe ?
I'd like to repeat what you did and examine PE further with IDA and dynamic analysis.
The URLS that host the malicious executable are in the video and not a pain to type. Try going there to download it. I really don't want to put malware in a public space, even if I zipped it up with a simple pw.
My laptop and mobile is effected with spyware how can i gather info about the attackers to get them to law
You should do this on other viruses
Do you have any walkthrough of picoctf?
How do you setup your ubuntu router
Please make more!!!
will the docx file infect or execute the malware if I run a linux ubuntu with openoffice?
No
Hey! how can I get that word document so that I can try this for myself.
Your best bet is to google around for malicious documents to try - I don’t have it anymore and didn’t upload anywhere because it was legitimate malware and i didn’t want to distribute it
rip emotet :c
🤪