For the frenzy of folks that are concerned YoOuUUuU LLEeeEAAaKKEEDdA TOOKKkKEKEENNNNN!N!N!N!!nn1n1hhbjgngn: No. If you got clever and looked at individual frames, the one you see returns an Unauthorized. Others have been obscured. Thank you for your concern. :)

Please don't stop explaining the simple stuff, I've learned loads thanks.

I don't think I have ever heard anyone say "please send me malware" before

I'm only 5 minutes in, but i feel its relevant to say I appreciate the "easy baby stuff" being reiterated for people like me. I'm learning python for data science. I don't know what all of these imports do. So when you explain every import or at least give basic descriptions of what they do, it really helps me follow along.

That ".il" file is actual CIL (Common Intermediate Language, formerly known as MSIL) code that C# and VB source code files are compiled down to before they're turned into executables.

This will blow up. So many script kiddies on DS

Omg..can’t wait for this I started seeing a lot of discord trojans in the news last year and I would love to here more in depth analysis.

one of your most easy to understand videos yet. well explained. learned a lot. thank you John!

Thanks for making it 'approachable'. I am a beginner in all of this and your quick description of the basic commands is extrememely helpful. It allows me to continue to follow what you are doing and also learn about a wide variety of commands. Of course, further real study is necessary but your presentation helps one broaden understanding of the overall field to be studied. Thanks.

200k! good job man you deserve it :)

Love your content, John! It's really fun to step through code with you.

Honestly I've not watched a full malware analysis vid from you but this one rly interesting and honestly very well written

Recently stumbled upon some of your malware analysis videos and boy am I hooked! love your approach, you make things super easy to understand even for someone with little to no coding knowledge. I hope soon I can find some videos on your channel about learning to program in some of these languages that you work in with malware :) some more gamer-catered stuff would be awesomeee too! thanks John for some very entertaining videos!

Learning new stuff with you is always great. You always manage to draw my attention for a whole hour.

Great content! Thank you for your contribution and for taking the risk of exposing yourself. Very informative.

Omg, we need to see more of this hog stealer code and whatever else you can find in the land of Discord malware! Keep up the great work and congrats on 200k!

Hey John a little off topic for this video, but your terminator vid, (among all the others!) really helped me pass the eJPT in less than 4 hours last week. Thanks for all great content man!

Awesome content as always, John 👏🏻

Great video John, would love to see you de-obfuscate that JavaScript!

Was doing exchange patching a week ago and they reference @john Hammond gist love it

I Love you John. Great video again, interpreted languages is cool to reverse. Congratz on the 200k :)

You are the best! Thank you for explaining also for the beginners.

ayy congrats on 200k John!

ive learned allot from this and that says something because time enrolled in college for this and I feel like these breakdowns help immensely for someone like myself.

I hope more of you guys look into this Discord malware, a lot of this stuff is going undetected and creating a lot of headaches and some of these stealers have keyloggers, gets login sessions from your browsers etc.

I literaly saw this on my youtube feed and inmediately went to make popcorn!!

Congrats on 200k!

You always have great videos!

THC For (4) L(ife) 9-TetraHydroCannabinol (THC) is a chemical component in Weed and Hasj. Probably a smoker. nice vid btw, Learned a lot!

Awsome video man. I appreciate it a lot

You're making it happen John ! :) BigUps . Learned lot from you my Guy !! Hopefully more to come. Peace

I am eagerly waiting .

Hey John, love the Malware stuff. Would love to see some Dynamic Analysis with some ransomware or something , cheers

YOUR explanation is Osm!!!🖤🖤🖤

Absolutely fantastic content!

Holy smokes, how can it be so easy to retrieve all your discord data without logging in essentially. I wouldn't have guessed that discord is saving these tokens as plaintext in your appdata folder. Very nice video! You've got another sub :)

I love these kind of videos, fun new channel to nerd out to. :) Joined the Discord as well! :p

Great Video, and learned a bunch!

Great video John! Many thanks :-)

i'm not gonna lie to you bro, the way you teach is excellent and i appreciate your videos more than you could ever imagine... ever...

Great video, man. As always :)

Thanks for this video sir

The delay is to prevent maxing out discord API requests so it's maximum efficiency

This is going to be an amazing video!

really good explication, please keep this up

cant wait for 200k so excited !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

This is going to be interesting. I’ve studied RCE attacks and Trojans on discord, as well as some more tame malware. I can say that discord is really bad in the security area, but it’s not much to worry about as there are few people who know how to do the attacks and how they work. Edit: I’ve started watching the video, and I’ve seen almost this exact same script before while moderating a server

This is much better, John. You’ve dissect each components and explained thoroughly. Rather than rushing always.

Love your videos sir .Hope you have a great day.

amazing content john

Oh its a fun series keep it up!

This seems very intresting. Can't wait to see it

by the end of the premiere you're gonna have 200k.

Props to this guy managing to get a discord nuker/token logger to 1 hour

you have a new sub keep it up.

By no means the most advanced malware i've seen, like it does rely on a lot of user error to work, but still nice breakdown

yes i am interested in more discord stuff and yes it is bad, but it's good to see and know what is actually out there

Great video!

you are genius, you are exceptional tutor, thank you, thank you so much, i got a project idea from this vid.

Love ya work chap! Sub'd

Instant pressed like, as I saw the Triforce. :)

I thought it was clickbait, but DAMN!! legit content

I definitely want to see your deobfuscuate that js code :D

happy 200k

yikes. .. follow up on what more you learn about this for sure lol. dropped a like. already subbed.

thank you posting a topic of choice.

I was thinking if i should like this video - then you pointed out your TLOZ shirt. You win

John! Do the thing!

If you open the webhook URL you can identify the name of the webhook, the Guild ID and Channel ID. That information is kinda basic but might help when reporting to Discord

51:50 Hammond enters the freaking Matrix... xD You know a content creator is entertaining when you don't understand shit, and still watches until the end, entertained!

Oh wow! I'm impressed. Only importing that actually used functions, not the whole libraries.

Hair was on point.

thank you

I liked at the Zelda shirt. Thanks!

Yooo Hammond cool haircut 👌

that sever crasher is probably allowing the person to join servers and spam the server with that users token

For the Browsers It takes The Tokens From Them, Because Some People Log into to them. Like you said :)

it could be the location for discord tokens in those browser since discord uses electron which uses chromium which chrome and a lot of other browsers also use, so it might be that cookies are stored there.

54:55 I was kind of expecting a "it's bad mmmkay?"

Looked like that first sketchy website at 33:50 was a peertube instance. It was probably a community dedicated for malware videos.

Seriously the best content creator out there. Love the videos. Keep them coming.

I believe it is grabbing also grabbing Chrome, Opera and Brave tokens. The file structure generated by get_tokens seem to also work for those other directories listed

I love how the token stealer disguises as a token stealer 🤣

I am entertained way more than watching LiveOverflow

I don't mind you ending this one on sort of a cliffhanger. I thought to myself, I have Discord but I don't have a Python installation. I remembered I specifically installed Perl (yeah not Python) for Blender, and then I searched for Python on my machine. Python comes with a lot of programs ( I have ones for Blender, GIMP 2, Inkscape, LibreOffice, Visual Studio Community Edition ..... and in Windows Apps?? What The ?) This developer dad does not install a default extension handler without blinking at least once, but it seems the Python script is not as harmless if you accepted to automatically open .py files??

WOw! This is so new to me !

Please go through the obfuscated Java-Script in another Video. Keep it up man❤

Love it 🤟🙂

"NSFW_allowed: "yes" " 25:57 Nice, John

Hey! Can u make a list of all the malware you have explored so far, making we all can send unique malware programs

Ok, seeing this premiere I think I can do two unfair bets right now. 1. Bet I'm subscribing here. 2. There's something malicious on my son's PC.

I would advise you to use solid colored bars instead of pixelation since there is currently a promising tool in development that can reverse pixelation to some extend.

onto 200k.... yyyayayayyyayayya

wow Ed Sheeran into malware xD Love from India vro

been wondering about discords security for a while now... this should be good

ah yes.. john.. john hammond does it again.

Sometimes you make me really nervous, John. No, not the tokens, the clumsiness in the shell:P echo %LOCALAPPDATA% ... or cd %APPDATA% jFYI But never mind, thanks for the video :)

As someone who works with the discord api it's scary how easy it is to get information with a token

Let’s get 200k!

I think the references to Chrome Opera etc is not the malware looking for passwords within these programs as I'm sure Chrome stores you saved passwords encrypted, but it is probably looking for the Discord tokens saved in Chrome for auto login / cookies