Tuts 4 You

Hello,
I've been doing reversing videos for some time now about exotic malware and fun things.
My videos aren't about detailing specific threats, just a small overview of what they do (I try to keep my videos short in length).
So if you like reversing, assembly and electronic/dubstep here you go.

Chinese adware and steganography
Having a look on Win32/Kawpfuni.A (Military-espionage malware)
Having a look on Trojan/Win32.Shifu (Shifu)
Having fun with Tyupkin (ATM Malware)
Having a look on CryptoFortress config
Having fun with Dyre and API's
Having a look on Win32/Modputty.A
Having a look on Dridex config
Having a look on GreenDispenser (ATM Malware)
Having a look on DarkComet RAT config

Nice music and nice accelerated videos of malware tracing! :)

Thanks for sharing. :)

Those videos should be kept in a museum to let other generations learn about/from them ;)

Just a question, how long does it take you to analyze a typical malware? Am I the only one taking hours to understand what a malware does?

Nice ones. May I ask which plugins you are using? You are getting a bunch of useful features, I see.

 

And btw, why aren't these files packed/virtualized/obfuscated at all? And how did you get a real ATM to try the malware on it? The ATM stuff seems like a super-super-super interesting topic, man!

Edited by Pancake

  • 1 year later...
  • Author

@Pancake: I replicate the environment of the ATM. I haven't released in a while, so here is a new one:

Having a look on Backdoor.Win32.ATMitch.a (ATM Malware)

You can see the fake XFS API call results expressed in the malware logs at the end. Regarding obfuscation: yeah, some are, I unpack them before doing the video.

  • 9 months later...
3 hours ago, Xyl2k said:

new video, fast tracing of a zbot: https://www.youtube.com/watch?v=C-dEOt0GzSE

Hey thanks for the vid I just watched it. How long does it take you to figure this out? I assume you have sped up the video a lot... For me, it takes a lot longer to locate different pieces of the code.

  • Author

It doesn't take me long to figure out how things work (especially for this one) since it's Zeus-based; if you have previous experience with Zeus, things go easier.
For example, this one https://www.youtube.com/watch?v=Z7tEwl1YvMg I did 4 years ago; you may recognize things if you watch it in parallel with KINS 3.3.7.0.

And yep, it's sped up, my keyboard would be full of blood otherwise :)

  • 7 months later...

Damn dude! Your YouTube channel has been closed … :(

  • Author

Everything moved to Vimeo, downloads are enabled also.

https://vimeo.com/album/5427366

 

  • 1 year later...
  • Author

It's been a while since I did a video of malware reverse engineering, so here is something new:
Having a look on HelloWorld (ATM Malware)

 
