you need to learn Malware Analysis RIGHT NOW!!

Рет қаралды 15,983

Күн бұрын

What is malware analysis and why do you need to know it? In this video, Mad Hat goes over the intro to malware analysis on TryHackMe. You need to learn this skill if you are serious about getting into the cyber security space.
New to cyber security? Check out the new Google Cybersecurity Certificate link below:
imp.i384100.net/GoogleCyberse...
Cybersecurity Certification Study Resources
CISSP Study Guide - amzn.to/3LmjOLM
CISSP Practice Tests - amzn.to/3oreDRO
Security+ Study Guide - amzn.to/3mTGPwg
A+ Study Guide - amzn.to/3KWS27n
Check Out My Setup
Gaming Chair - amzn.to/3V0nAhg
Monitors - amzn.to/3L1DVgT
Mouse - amzn.to/3H6A5Su
Keyboard - amzn.to/3mNXLVa
Microphone - amzn.to/40BQPId
Camera - amzn.to/41BqwmX
Disclaimer: Some links are affiliate links.
Welcome to Mad Hat. I'm a Cyber Security Analyst at an undisclosed Fortune 500 company. Here, we talk about tips and tricks on how to land a successful career in tech. If you are interested, make sure to hit that subscribe button!
Filmed with a fancy razer camera - link above!
malware analysis
malware analysis for beginners
intro to malware analysis
malware analysis tryhackme
how to analyze malware
Music by Infraction
Link to channel: / @infraction

Пікірлер: 101

@JFlo264 Жыл бұрын

As someone currently trying to enter the cybersecurity world, it's crazy to see that a channel with 7.5k subs has made me more interested and excited to a job in cybersecurity than all the big channels or courses I have done... Well done!

@Konvicted17 9 ай бұрын

37.5k now. Let`s goooooooo

@Solace6428 Жыл бұрын

I've recently become super interested in this kind of stuff, so I'm happy to have found another channel that can teach me even more, especially since the video is entertaining as well as educational.

@madhatistaken Жыл бұрын

Glad to hear it's somewhat helpful for a fellow malware enthusiast! Thank you for watching!💚

@diegocastillo4836 Жыл бұрын

I just found your channel and I am loving the humor with the technical talk. Great show!

@Singularity01010 Жыл бұрын

Imagine 5 years later they find out Tiktok was massive Identify theft and Behavioral analysis malware that was packaged as a app xD

@madhatistaken Жыл бұрын

Tiktok is an APT...🤔perhaps this requires those advanced tactics I mentioned

@arsenijen9797 Жыл бұрын

Please, dont eat shit, when its caramelas od 5 $

@justblank2653 9 ай бұрын

i mean, is it not?

@noelkitonga 5 ай бұрын

All Red Dragon State apps are intrusive because the country is a dystopian cyber surveillance state.

@Thatsrealnice 2 ай бұрын

It’s is

@SavageScientist Жыл бұрын

Great video and well explained, my malware analysis course took me through assembly language and my head is still smoking from that shit.

@madhatistaken Жыл бұрын

Thank you good sir, I've been trying to make stuff better explained with each video. I had an assembly language class that covered C and it was interesting...I didn't retain much of it but I at least know it exists if ever I want to do a deep dive into the CPU commands getting ran in malware. Based on the comments, looks like I'm going to be doing a deeper dive in the advanced tactics vid ha 😅

@MechaFps Жыл бұрын

Production quality is top notch

@madhatistaken Жыл бұрын

Thank you, I'm tryin! 💚

@johnsweeney2906 Жыл бұрын

Best Cybersec related channel on youtube

@spiderman23sky Жыл бұрын

Please drop the next video on the advanced forensic analysis bro, I’m loving your content. Subscribing before you make Cybersecurity mainstream content on KZbin, 1 million subs is definitely achievable with your video style

@chroz68 11 ай бұрын

advanced malware analysis would be great. i think a lot of people would be interested in seeing how highly technical ransomware works since we're seeing it on the news often.

@PNWFAE Жыл бұрын

I love your videos, I recommended you to everyone in my class.

@madhatistaken Жыл бұрын

Thank you for the support! Maybe there's a chance I could make this a full time gig and just make mildly entertaining educational videos for a living😅💚

@evemackenzie6138 Жыл бұрын

I honestly really like the passive method. It's easy, calm and safe!

@Scorpy2303 Жыл бұрын

Dude loving your vids!!! Your awesome 😎

@MonLes-xt7gc Жыл бұрын

More about gen z malware! I love your contents

@JamesTriplettII-cs7tl Жыл бұрын

Hell yeah I'm ready for the next video!

@madhatistaken Жыл бұрын

Stay tuned! 😎💚

@SaxaphoneMan42 11 ай бұрын

definitely would like to learn more on how to analyze the "gen Z malware" (great name for it btw), can't wait for your next videos, this channel is awesome

@madhatistaken 11 ай бұрын

Coming soon! 💚

@nateridgard5773 10 ай бұрын

I'm just a enthusiast with a helpdesk background, but based on what you said, would it be possible to improve virtualization methods to engage Gen z malware?

@user-ic8kv5qm2j 9 ай бұрын

I work as an AppSec and I am veryyyy tempted, to learn RE and Malware Analysis... seems wayyy too fun.

@LovelyLikeThis. Жыл бұрын

what a cliffhanger. i need to know!

@_Saint_gaming Жыл бұрын

This guy makes learning so fun! I appreciate you bro.

@drickzee Жыл бұрын

I didn't know Dominos serve malware special 🤣 great content as always!

@madhatistaken Жыл бұрын

It's all a front. Their pizza isn't even real! 😅

@razorwire111 Жыл бұрын

100% post an advanced video! Nice down and dirty video to get people interested in this stuff.

@nicolae1392 5 ай бұрын

great channel

@TheSwayzeTrain Жыл бұрын

This was a good one thanks

@madhatistaken Жыл бұрын

Thank you for watching! 💚

@rf9562 Жыл бұрын

Do you do that in your current job ? Does that included in SOC level 1 in THM ? Thanks, great video again :D(especially the restaurant part)

@madhatistaken Жыл бұрын

I do this in my current position yes, there's a lot of users with installation privileges across our 20,000 plus employee environment so we're constantly having to check if what they installed is legitimate or not. This video is exactly what's included in the Soc Level 1 Intro to Malware Analysis. I just decided to animate it more instead of going through question by question like my last THM videos. Thank you for watching! 💚

@miranda92051 7 ай бұрын

Hello! Great video! Do you have any tips for how to harden a vmware VM to make it harder to detect?

@nou4219 Жыл бұрын

i fucking love the skits, subbed instantly

@madhatistaken Жыл бұрын

I'm always unsure about adding those in 😅welcome aboard the mad hat #cyberarmy 💚

@bitcode_ Ай бұрын

Yes

@tearanch613 Жыл бұрын

The "phish" joke. Lmao. U win.

@BreakingBread443 Жыл бұрын

Great video!

@madhatistaken Жыл бұрын

💚

@RashidRaja Жыл бұрын

honestly love your videos - brilliantly done - makes me want to learn shit!

@Squinkle Жыл бұрын

nice video big dawg

@madhatistaken Жыл бұрын

💚

@highspirit7483 Жыл бұрын

I wanna see those advanced tactics!

@madhatistaken Жыл бұрын

What flavor of malware you like?

@highspirit7483 Жыл бұрын

@@madhatistaken Ransomware would be tasty

@shawnmendrek3544 6 ай бұрын

Any kind that lets me smoke a cigarette after, like sex.@@madhatistaken

@dparra119911 Жыл бұрын

Yeah ima need that advanced video bro

@madhatistaken Жыл бұрын

Stay tuned! 💚

@TheRockIsCooking Жыл бұрын

Can you do a review of Josh Madakor’s cyber security course? And compare it to the google cert? Pls

@amechi Жыл бұрын

Everytime I watch one of your videos, my hat gets madder

@madhatistaken Жыл бұрын

The #cyberarmy grows madder by the day! Thank you for watching! 💚

@amechi Жыл бұрын

@@madhatistaken 😡🎩💪🏾

@Maikeru305 10 ай бұрын

This actually sounds super fun. Deathnote hacker edition lol

@evanj51 10 ай бұрын

bro that dinner skit was funny lol

@MohamedSayedAbdElRaheem Жыл бұрын

amazing another video

@madhatistaken Жыл бұрын

Thank you! 😁Hope it was helpful!

@queshyrs7879 Жыл бұрын

I was wondering if theres any certs you recommend going from Help Desk to SOC - currently im looking at sec+ and net+ .. any others you recommend?

@madhatistaken Жыл бұрын

You could bypass net+ and just take the new Google cert (my last vid went over it). It's not going to stand out in a resume, but will teach you network fundamentals and prepare you for the Sec+. SOC positions don't typically look for network certificates, those are more for network security engineers or NOC positions. Blue Team Level 1 cert is pretty well known as well and the CySA+ is designed for security analysts. I always send people to this roadmap chart, check out the blue certs! pauljerimy.com/security-certification-roadmap/

@0diepus Жыл бұрын

Do it!

@PNWFAE Жыл бұрын

Can we get some Mad Hat cyber army merch 👀

@anantP-ip8op 11 ай бұрын

Hi , are there enough number of jobs in this domain ? Will it be taken over by automation tools

@Frozkadurrr 2 ай бұрын

Instructions unclear, ive now become the malware

@kevingardocki Жыл бұрын

Do you use active directory often in your SOC analyst role?

@madhatistaken Жыл бұрын

Not a whole lot. I only use it to investigate user details like office locations, job title, whether or not their account is enabled, etc. We have a dedicated IAM team for AD related tasks.

@kevingardocki Жыл бұрын

@@madhatistaken That makes so much sense, I APPRECIATE YOU MAN. I'm on the road to become a security analyst myself and graduating in 6-7 months so , it's been a challenge on finding on what to study the "hardest" or allocate my very crunched time to implementing in labs. What would you say as an actual and ACTIVE security analyst currently in the company and position your in, I should be studying the most. From what I'm reading in job descriptions and so fourth, I think I should I be looking more towards log analysis , SIEM , IDS/IPS tools , and how to remediate and so fourth if I'm correct? Any advice on correlating my crunched time to studying the most realistic day to day tasks that you do would help tremendously, thank you.

@madhatistaken Жыл бұрын

@kevingardocki Best use of any extra time would be towards learning SIEM log analysis like you mentioned and IDS/IPS software for sure. It's difficult to say what SIEM or EDR you should learn because every company picks a different one of course...BUT splunk is a great option to learn since the query language is used by many. The main thing you need to know how to do as a security analyst, tools aside, is know how to figure out if some process, file, execution, registry change, network call, etc. is malicious. The remediation and response is different from company to company, they have their own policies and procedures if something is mucho bad. If I told you this process in task manager is actually a virus, what would you do? Where would you look? SIEM tools are great for network traffic yes but if there's only 1 discrete connection made but loads of weird processes and scripts occurring on 1 endpoint do you know where to look on a windows/mac/linux machine to determine if something bad is happening? Focus on understanding how OS work then understand some commonly used SIEM/EDR tools then understand common IR response tactics.

@kevingardocki Жыл бұрын

@@madhatistaken I appreciate you!! thats makes so much sense!! hard to find labs that are specifically for those tasks so thank you so much!!

@madhatistaken Жыл бұрын

@@kevingardocki They make a lot of incident response labs sadly. TryHackMe has a few modules, but mostly it's just understanding how hackers exploit and what tactics they use paired with what's normal behavior in an environment and what's not. I may have confused you more 😅

@bulba888 5 ай бұрын

PMS

@boulilanourelhak9638 11 ай бұрын

now

@TequilaSunset_ Жыл бұрын

Not sure why the algorithm brought me here, but I’m here to stay :D

@madhatistaken Жыл бұрын

Welcome to the mad hat #cyberarmy 💚Hope I can provide some helpful stuff!

@thearts7702 Жыл бұрын

we would love to see that video lol

@madhatistaken Жыл бұрын

Stay tuned! 💚

@iespinosa31 Жыл бұрын

shaken not stirred

@everything-om3zx Жыл бұрын

dont you think its a bad practice when you upload your files to these Online sandboxes, like the analysis will be public. so if i get a suspicious document and it has something important that is confidential and at end the file is not malicious. now that file is downloadable by anyone. as far as i know thats true with anyrun. it would be better to have our own sandbox.

@madhatistaken Жыл бұрын

Very good point I didn't highlight in the vid. It is bad practice yes. Files that could contain business sensitive data should be ran in private sandbox. Crowdstrike is my private go to and any run has private mode, however I only run installation files there that I know don't relate to business data. Intention was to show how to do it safely, not necessarily define business sensitive data.

@kevingardocki Жыл бұрын

Hey MadHat! I'm starting a cybersecurity podcast for professionals like you, I would love to interview you about your experience and tips you can give for us newbies getting into the industry or recent graduates! Please let me know if you're down!

@madhatistaken Жыл бұрын

I've never done a podcast before. Not sure I'm famous enough for people to care what I say ahah but maybe.

@kevingardocki Жыл бұрын

@@madhatistaken if you’d like ! I think you’re for sure making a difference in the cybersecurity community and helping so many people

@kevingardocki Жыл бұрын

@@madhatistaken Let me know if you're down on a weekend day or after work!

@DubbLpresents 10 ай бұрын

im beyond lost and to think im going to college for this in a week

@shawnmendrek3544 6 ай бұрын

Tiktokers never learn. Sad thing is phones come with that crap and other bad apps. Along with bloat ware crap(yea win11 we are talking about you). API calls do not seem diff from windows. Though we used ASM for disassembling, hex editor s, other crap. Polymorphic malware really made it difficult to detect malware/trojans. I know because we used it for trojans, basically we did not have to update the files code constantly anymore. Packing the files became useless over time as well, as virus total became better. Thanks for teaching me some Linux, never used it before. Or ubuntu(less sad I know to never used either). Is it possible to dual boot Windows and Linux? Is there a reason you do not w ant to be seen? Probably for company/work reasons?