Dynamic Malware Analysis

Views: 32,602

LetsDefend

A day ago

You already built the malware analysis lab. We explain how to do dynamic malware analysis in this environment.
Course link: app.letsdefend...
This lesson was prepared by Zaid Shah. His social media accounts:
KZbin: / channel
LinkedIn: / zaid-shah-05527a22b
LetsDefend is a hands-on Blue Team training platform that enables people to gain practical experience by investigating real cyber attacks inside a simulated SOC
letsdefend.io

Comments: 35
@idkk403 10 months ago
You have no idea, how much you have helped me!!! Thankyouuuu
@chieduodo1292 2 years ago
Great walk-through. Lots of helpful tips. The reason Regshot did not catch file activity was because the checkbox option was not selected before your first shot. And for the HTTP traffic missing, that might be because Wireshark could not decrypt HTTPS traffic. I believe you would have seen something if you tried using Fiddler as well. Thanks!
@mertkacir9981 a year ago
You mean the scan dir1 checkbox? But on the website they didn't check it either.
@bulba888 8 months ago
Working on that chapter at LetsDefend SOC analysis path
@mohdsuhailmalik3033 10 months ago
thanks for the video
@chapin2513 28 days ago
Inside the lab environment, my Windows virtual environment doesn't connect to the internet! What's the issue?
@RINAMISHRA-j5h a year ago
Very informative video, Sir. I just wanted to know how you decide to run the malware for a particular amount of time. How did you stop the malware from executing itself?
@tommypham1101 8 months ago
awesome content thank you
@IlyasNashid a year ago
Thank you so much, this made things so much more clear to me. If you have your own channel I'd love to follow. Thank you again.
@Manish-g2k3g 10 months ago
Brilliant 😇
@Ahmed_Hossamm 4 months ago
thank you so much man!
@MarcosPinheiro-cy3oo 3 months ago
I would have liked to see the network settings so that the malware analysis could be done safely. I know the network adapter should be in host-only mode, but wouldn't that leave the VM without internet? Should I enable two network adapters? One in NAT and the other in host-only?
@sebastianschirm1211 3 months ago
You will have to keep switching between both network interfaces as you progress with the analysis. Once you need internet, switch to NAT and immediately switch back to Host-only once done to avoid any issues.
@boulingrinnicolas3401 10 days ago
struggling with this chapter
@lyquockhanhly6319 5 months ago
Good
@Gurd-f2z a year ago
How do you download the tools used for the malware analysis section?
@puucca a year ago
Zaid is so fucking fun bro i cant
@baskaranranujan7234 2 years ago
How can we download malware samples as shown in the clip?
@hamzafeghouli4297 a year ago
VirusTotal
@hamzafeghouli4297 a year ago
Is there any way to automate this whole analysis?
@bella_ame a year ago
If you find a way, let me know too?
@hamzafeghouli4297 a year ago
@bella_ame Check for Morrigu by Phil Leg. Basically he compares the behaviour of evasive malware before and after modifying the VM using a tool he created. Maybe this will help you.
@MongiNTS3YT 3 months ago
I'm scared to have my malware analysis machine in Bridged mode to do proper Dynamic Analysis because I fear anything propagating to my host or any other device on our network.
@sebastianschirm1211 3 months ago
Do not use bridged mode. Instead use Host-only mode if you don't need the internet, but if you do, switch to NAT.
@amigazo3972 8 months ago
The module is to create your own malware analysis virtual machine. NO malware files to download, not copy of your notes to download. Anything available. The course itself is just a mess. Very disappointed about this module. Your explanation is very good, but without the resources seen in these videos... not a good thing.
@s2grabbarna806 2 months ago
It's a good module. It isn't really that hard to import the malware file from the internet by yourself…
@martabakselatan2 3 months ago
The quality of the Regshot compare part is so bad, is that the editing?
@sebastianschirm1211 3 months ago
I cannot even see, it is very blurry.
@elchirete 10 months ago
At 11:05 you can see the name of the file that you are looking for inside %TEMP%: tmp565A.tmp
@yuvarajnaresh3934 10 months ago
c:\users\letsdefend\appdata\roaming\vbxfiqycyfdggl.exe --> This is the answer
@MuhammadHuzaifa-r1z 9 months ago
no bro still not correct
@ahmedshami525 5 months ago
thanks bro
@BDCAT_NgoQuangTung a year ago
How can we download malware samples as shown in the clip?