Appreciate the kind words!

Thank you so much!

So happy to hear it was helpful!

Thanks for watching! Glad to hear you enjoyed it!

Thank you for watching, and for leaving a comment! Very happy to hear you found it helpful.

Glad to hear that the video resonated with you! Love the passion you have for the topic - it's why I make these videos :-).

Thank you!

Thanks so much! Would love to do some anti-analysis videos. If you’re battling any specific techniques, let me know and perhaps I can cover them!

@@sonianuj Thanks! I would say for a video, it would be best to start with the easy ones and work your way through to more complex stuff. Maybe a top 5 or 10 common methods. In terms of my current battle, I can consistently bypass the easy checks for a debugger by altering ZF at jumps or EAX values on API returns but unfortunately actually don't know what check is stopping me at the moment. I suspect I am making it harder than it needs to be due to inexperience. I can see the beginnings of the malicious executable being decoded in memory, from scattered chunks of encoded data stored in the .text section... Best I can hope for is to get onto GREM (wishlist item) or hope you cover it in a video or have a helpful hint for me :)

Appreciate it, thanks for watching!

Sorry about that! I’m not near my computer right now - but can you try using the password “malware”?

@sonianuj yes able to extract now, Thanks Anuj!

Just a note for anyone else who sees this comment - I updated the password for mount.zip to be "infected" as described in the video description. Thank you!

Thanks for the suggestion, I'll definitely look into it!

Thank you for leaving a comment. Glad to hear you're benefitting from the videos!

I was thinking about this topic a few months ago! Appreciate the comment, will move this higher on my list!

Very much appreciate the feedback!

Thank you!

Absolutely, thanks for watching!

Thanks so much! Glad you enjoyed it.

🫡

Great ideas, I plan to cover approaches like using speakeasy (emulation) in upcoming videos!

Thanks for watching!

Appreciate that, thanks for watching!

Hi there, thank you! I appreciate the suggestion and will definitely give this some thought. Generally on the the channel I'm trying to focus on technical demos, but perhaps there is a different format I can use to share my thoughts on the topic you suggested (future live stream, community section of KZbin). I'll reflect on this some more, thanks again.

Wow, thank you so much for the kind words! 🙏

Hi @davidmohan2698. It's a great suggestion, but also something that takes quite a bit of time to discuss properly (I spend more than an hour digging into the specifics in my SANS 710 course). To be honest, so far, my KZbin stats indicate people watch my videos for 5 minutes on average. If I see an uptick in those numbers and more interest in longer videos, I'll definitely reconsider though. Again, I really appreciate you offering a suggestion!

You got it!

Thanks so much!

You got it!

You got it!

Thanks, it’s good to be back! Regarding the exam, unfortunately it’s completely out of my control. I do hope GIAC creates an exam soon, but I’m not aware of the timeline.

@sonianuj for what they told me back then it highly depends on the subscription and interest for the course. I can imagine it needs to be profitable. Apart from all of that, the course content is amazing, highly recommendable, I have learned so much from it.

My pleasure!

Not exactly sure if I understand your question - but in general, if you view strings in x64dbg (right-click > Search for > Current Region > String references), you can dump any string to the dump window and edit those bytes.

Thank you for watching!

Glad you enjoyed it!

You got it, API hashing at work!

Hoping to change that. Stay tuned!

You’re welcome, glad it was helpful!