(Part 1 of 2)
If you've ever wanted to analyze malware on your own without spending a fortune, this is your time.
In this free master0Fnone class, you will learn to:
1. Build a simple malware analysis lab for FREE, using 2 virtual machines (Remnux and Windows 10) and several free analysis and monitoring tools
2. Snapshot your lab and make it exportable so you can bring it anywhere
3. Examine some real malware samples in your newly-built sandbox, test out the tools we installed, and discover how to pull indicators of compromise and artifacts for detections and determining what the malware is trying to accomplish
4. Challenge you to take what you've learned and use it to achieve an entry on the "Wall of Fame" by analyzing the included "CrackMe" program and finding all the flags!
The jeFF0Falltrades master0Fnone Class series is a collection of free online courses dedicated to making learning complex topics - like malware analysis - more accessible (and fun) to everyone.
Please leave feedback and questions here as comments, or DM me on Mastodon (social links listed on the channel).
Check the pinned comment for any updates to the content.
Let me know what you would like to see in future videos!
Project Homepage and CrackMe Challenge Instructions: github.com/jeFF0Falltrades/Tu...
CrackMe Challenge Form: forms.gle/nE2yFZowxhCKBPw37
Thank you to these incredible artists whose works were featured in this video:
Thumbnail image derived from this work by gstudioimagen1 on Freepik
www.freepik.com/free-vector/v...
Intro Music from #Uppbeat (free for Creators!):
uppbeat.io/t/monument-music/m...
License code: ZD860DLJBOAVDIIH
Intro Music from #Uppbeat (free for Creators!):
uppbeat.io/t/soundroll/transcend
License code: YMTA0L5AOB19X1SV
00:00:00 - Sarcastic Intro & Unsarcastic Apology
00:02:57 - Course Overview
00:05:35 - Important Notes
00:07:57 - Part 1 Start/VirtualBox install
00:11:55 - Importing/Configuring Remnux
00:15:29 - Detour: FLARE-VM
00:16:55 - Remnux VM settings
00:20:35 - VirtualBox Guest Additions (Remnux)
00:21:57 - Accessing shared folders (Remnux)
00:22:58 - Upgrading/Updating Remnux
00:23:47 - Detour: Validating our network connection
00:25:54 - Custom tools/parse_hashes.sh
00:32:35 - the RAT King Parser
00:33:37 - INetSim configuration
00:38:36 - Creating our virtual network
00:46:29 - Burpsuite/INetSim troubleshooting & setup
00:52:12 - Finishing our Remnux machine
00:53:32 - our Windows VM/troubleshooting
01:02:00 - Disabling Windows Update
01:04:00 - pafish (Paranoid Fish) & VBoxCloak
01:11:48 - Disabling Windows Defender & Firewall
01:16:46 - Networking setup (Windows)
01:18:17 - Testing HTTPS traffic capture w/ the Burpsuite root certificate
01:23:43 - Creating the final Clean snapshot for Remnux
01:25:33 - Ghidra/JDK/Python/7Zip & Revealing hidden files/folders/extensions
01:31:43 - IDA Free
01:32:45 - x64dbg
01:34:06 - System Informer/Process Hacker
01:35:25 - Process Monitor
01:36:41 - Chrome
01:37:08 - Wireshark
01:39:57 - LibreOffice/Setting macro security
01:44:07 - .NET 8.0 SDK
01:44:30 - dnSpy
01:46:05 - Capture-Py
01:48:27 - Detect-It-Easy
01:50:05 - de4dot
01:52:21 - pe-sieve
01:54:10 - VbsEdit
01:55:11 - CMD Watcher
01:57:23 - ProcessSpawnControl
02:00:30 - Exporting VMs/Last-minute crises/troubleshooting
02:07:31 - Disabling Edge running in background
02:08:50 - Cleanup and final snapshots
02:10:20 - False ending/fixing procmon
02:11:28 - Congratulations! End of Episode 2.1