Ransomware Analysis: 1

Ransomware Analysis: 1 - WannaCry

Рет қаралды 19,665

CryptoCat

Күн бұрын

Пікірлер: 52

@willbdev Жыл бұрын

I'm super glad i stumbled across your channel

@_CryptoCat Жыл бұрын

Me too! 💜

@David-ys7ip 8 ай бұрын

Dude thanks for making this I am trying to learn more about malware analysis as I am doing it for my project

@_CryptoCat 8 ай бұрын

No problem! Glad it helped but honestly, you can find way better content if you want to learn malware analysis these days 😅

@haneesha3548 8 ай бұрын

Do we need to install remux and windows 7 on the workstation to analyse??If so can you please share how to setup the environment for both remnux and windows in the vm workstation

@_CryptoCat 8 ай бұрын

Yes, I'd recommend installing both a Windows VM and a Linux VM for malware analysis. You can find guides here: kb.vmware.com/s/article/1018415

@wedgestudio6051 3 жыл бұрын

What do i do about winmm.dll missing and ive run the powershell admin cmd but it fails

@MichaelJenkin 5 жыл бұрын

You have some cool tools there. I use alternatives but some of yours are producing cleaner output. We are still seeing eternal blue out there so we are still fighting the remnants of this. (Mickyj Whitehat)

@zatoidarkchi 2 жыл бұрын

Hello, is there any way to extract the .rsrc file on windows from the executable? Thanks in advance!

@PompeySi 4 жыл бұрын

Great video! I've trying to build my own lab to analyze malware and I'd like to use the Flypaper application but the download links so far have looked very suspicious- do you happen to have a reliable download link for it?

@_CryptoCat 3 жыл бұрын

Actually, I found the FlyPaper archive file and it's password from the Wikileaks dump on HBGary ;)

@quynhngatran7071 3 жыл бұрын

Sr. Where are I download this file wannacry in?

@_CryptoCat 3 жыл бұрын

hi mate! at the time i think i got this from VirusTotal, which you need to request researcher access for before you can download samples. there are plenty of alternatives though e.g. VirusBay, VirusShare, VX-Underground to name a few. alternatively, you could look into creating your own HoneyPot and try and catch some malware samples in the wild 😮

@xiaoqi9462 9 ай бұрын

how to revert back to the first snapshot?

@_CryptoCat 9 ай бұрын

docs.vmware.com/en/VMware-Workstation-Pro/17/com.vmware.ws.using.doc/GUID-2FC27D9C-B6CB-4AF9-97F8-02A711F5BE6D.html

@xiaoqi9462 9 ай бұрын

@@_CryptoCat thank you so much!

@rehanmumtaz5972 Жыл бұрын

can u share the source of the malware sample?

@_CryptoCat Жыл бұрын

Source was probably virustotal

@voodioo-xv5hv Жыл бұрын

Hey , I need remnux windows XP or 7 can you upload it for me please I need it very necessary

@_CryptoCat Жыл бұрын

Hey, you can download remnux here: remnux.org/#distro, honestly not sure the best place to grab a copy of windows these days though, it's been years since I created a new VM.

@voodioo-xv5hv Жыл бұрын

@@_CryptoCat this website remove and delete Windows XP or 7,I'm sure you have remnux windows XP or 7 please upload for me 🥺, I need it very necessary

@_CryptoCat Жыл бұрын

zeltser.com/free-malware-analysis-windows-vm/

@_CryptoCat Жыл бұрын

@@voodioo-xv5hv Not sure what you mean.. you want to install the remnux tools on Windows?

@voodioo-xv5hv Жыл бұрын

@@_CryptoCat I need remnux windows (on desktop tools folder) same old version , can you upload it for me (not os just tools on desktop folder) okay?

@cyberi2009 5 жыл бұрын

What is the password to open the zip ?WNcry@2017 not working

@wickhere7996 3 жыл бұрын

How can i get the sample of wannacry for testing purpose only

@_CryptoCat 3 жыл бұрын

Hey, if you're a researcher you can get access to samples from VirusTotal, VirusShare etc. You might find additional sources here: zeltser.com/malware-sample-sources/

@abhishekdwivedi9357 6 жыл бұрын

keep it up. 👍

@kierandowds857 7 жыл бұрын

i like ur content. Whats ur education in?

@_CryptoCat 7 жыл бұрын

Thanks :) I have a BSc Computer Science degree, a MSc in Cyber-Security and I'm currently working towards my PhD, focusing on ransomware and exploit kit detection.

@osoliman 6 жыл бұрын

thank you. that was so good

@_CryptoCat 6 жыл бұрын

Thanks :)

@hizkiapahlawan7218 6 жыл бұрын

thank you for your content. your content very usefull. I am student under graduate computer science and im interested with Cyber-Security..

@_CryptoCat 6 жыл бұрын

Hey, glad you liked :) I'll be trying to get back to a more frequent upload schedule in the near future. Good luck with the undergrad and definitely stick with cyber-security if it interests you, I'd recommend checking out some CTF sites while you're studying if you can.. It adds a lot of fun to learning and will really help with practical skills ;)

@hizkiapahlawan7218 6 жыл бұрын

OK thankyou for your recommendation. I will try to take many lessons from CTF Sites..

@jouiniahmed4349 7 жыл бұрын

i need flypaper please

@_CryptoCat 7 жыл бұрын

Sure :) HBGary used to provide it for free but no longer offer it as their company was destroyed by Lulzsec following their attack on Anonymous. Luckily their leaked data is archived by Wikileaks, including an email about containing flypaper as an attachment: wikileaks.org/hbgary-emails/emailid/67831