Absolutely useful and well made video ! these type of analysis are super important to learn , would love to see more of these in the future :-) Thanks a ton.
@@handan4828 if you ask someone how find/exploit a software/system you will get that answer. and insulting someone has never helped. i think your mature enough to discuss without insulting.
I have malware on my iPhone and Computer don’t know how to Get rid of it.. I hear random phone dials when I talk on the phone and my computer is weird glitchy just like my phone it flashes when I close or open random apps any help?? I just got a macros malware when I open my Microsoft Word sucks man so easy to tell I have malware but so hard to get rid off...
Ippsec I love your CTF videos, but why didn't you base64 decode the palyload, and then do some strings on the files, and stay over the static analysis? And at the end move to dynamic
Hello Ippsec. Can you make a sequel of this video in which the .docx file is password protected and the vba script is preventing password removal and viewing of the macros code? I usually use sandboxie with buster to analyse these, but curious to see what your approach is.
hey. sorry for being late. if you can trust the documentation, the macro source is not encrypted - only the document it self is. -> MS Office files encrypted with a password are also supported, because VBA macro code is never encrypted, only the content of the document.
Cool videowriteup =) Conduct further investigation of that malware. Subscribers are waiting xD Could you drop reference to malicious document itself and .exe ? I'd like to repeat what you did and examine PE further with IDA and dynamic analysis.
The URLS that host the malicious executable are in the video and not a pain to type. Try going there to download it. I really don't want to put malware in a public space, even if I zipped it up with a simple pw.
Your best bet is to google around for malicious documents to try - I don’t have it anymore and didn’t upload anywhere because it was legitimate malware and i didn’t want to distribute it
Absolutely useful and well made video !
these type of analysis are super important to learn , would love to see more of these in the future :-)
Thanks a ton.
This video was great :) I actually prefer this to the CTF videos, plz make more like this :)
@@handan4828 we wont help you create malware
@@handan4828 why are you suddenly so triggered
@@handan4828 i can create malware. but i dont like to do malware, because i can use my capabilitys to create safer software
@@handan4828 and dont ask me to prove it, because i wont
@@handan4828 if you ask someone how find/exploit a software/system you will get that answer. and insulting someone has never helped. i think your mature enough to discuss without insulting.
You should totally do more off-topic things like this
You make everything seem so easy and simple! Best security youtube channel!
Such a brilliant explaination.🤩 Very useful
Thanks a looooooot. So useful video. I watched it 2 times and noted a lot of new technics. Please do more videos like this. Peace.
That was really interesting. Thanks for making this video.
This vedio was awesome and more informative. We do expecting same kind of stuff.
I really appreciate your videos. Very insightful to understand your thought process
Great content!. I'd like to see a malware executable analysis
Thank you sir.
Very helpful video.. I hope you continue uploading videos like this.. thank you so very much.
I have malware on my iPhone and Computer don’t know how to Get rid of it.. I hear random phone dials when I talk on the phone and my computer is weird glitchy just like my phone it flashes when I close or open random apps any help?? I just got a macros malware when I open my Microsoft Word sucks man so easy to tell I have malware but so hard to get rid off...
Currently building a bro lab with ELK stack for dynamic analysis. Would love to see some bro!
Great video, very useful!
Awesome video! Do you have Base64 Decode in Notepad++?
Is there info on how to create this kind of networking setup in vmware/virtualbox anywhere?
you can just install fiddler in your VM, does the job :) see www.telerik.com/fiddler
Thanks man, really interesting!
Awesome!
Could you please demonstrate how to use oledump tool to extract attachment from .msg files OLE? and view macro code!
Ippsec I love your CTF videos, but why didn't you base64 decode the palyload, and then do some strings on the files, and stay over the static analysis? And at the end move to dynamic
Amazing stuff.. thx for sharing..
Hello Ippsec.
Can you make a sequel of this video in which the .docx file is password protected and the vba script is preventing password removal and viewing of the macros code?
I usually use sandboxie with buster to analyse these, but curious to see what your approach is.
I've never had that scenario nor a document to play with, so can't really do that sorry.
hey. sorry for being late. if you can trust the documentation, the macro source is not encrypted - only the document it self is.
-> MS Office files encrypted with a password are also supported, because VBA macro code is never encrypted, only the content of the document.
you're elite !
Awesome video! I'd love to try thing like this so please keep the tips on how to do it safely coming! Whats your take on Windows Sandbox?
Awesome video man.
You should run burp suit in the background for http history
Awesome video!!!
My laptop and mobile is effected with spyware how can i gather info about the attackers to get them to law
Cool videowriteup =) Conduct further investigation of that malware. Subscribers are waiting xD
Could you drop reference to malicious document itself and .exe ?
I'd like to repeat what you did and examine PE further with IDA and dynamic analysis.
The URLS that host the malicious executable are in the video and not a pain to type. Try going there to download it. I really don't want to put malware in a public space, even if I zipped it up with a simple pw.
this is awesome
is the malware analisis using Bro video uploaded yet .. i would like to see that
thanks
How do you setup your ubuntu router
Are you John Hammond? Your voice the same with John Hammond:)
Current spike in emotets brought me here! 😁
The first time I see that someone dared to run Emotet
Do you have any walkthrough of picoctf?
What VM software are you using?
Please make more!!!
will the docx file infect or execute the malware if I run a linux ubuntu with openoffice?
No
You should do this on other viruses
rip emotet :c
Hey! how can I get that word document so that I can try this for myself.
Your best bet is to google around for malicious documents to try - I don’t have it anymore and didn’t upload anywhere because it was legitimate malware and i didn’t want to distribute it
🤪