Xyl2k Posted February 19, 2016
Hello, I've been doing reverse videos for some time now about exotic malware and fun things. My videos aren't about detailing specific threats, just a small overview of what they do (I try to make my videos small in length). So if you like reversing, assembly and electronic/dubstep, here you go.
Chinese adware and steganography
Having a look on Win32/Kawpfuni.A (Military-espionage malware)
Having a look on Trojan/Win32.Shifu (Shifu)
Having fun with Tyupkin (ATM Malware)
Having a look on CryptoFortress config
Having fun with Dyre and API's
Having a look on Win32/Modputty.A
Having a look on Dridex config
Having a look on GreenDispenser (ATM Malware)
Having a look on DarkComet RAT config

crystalboy Posted February 19, 2016
Nice music and nice accelerated videos of malware tracing! Thanks for sharing.

Alzri2 Posted February 21, 2016
Those videos should be kept in a museum to let other generations learn about/from them. Just a question, how much does it take you to analyze a typical malware? Am I the only one taking hours to understand what a malware does?

Pancake Posted February 23, 2016 (edited)
Nice ones. May I ask which plugins you are using? You are getting a bunch of useful features, I see. And btw, why aren't these files packed/virtualized/obfuscated at all? And how did you get a real ATM to try the malware on it? The ATM stuff seems like a super-super-super interesting topic, man!
Edited February 23, 2016 by Pancake

Xyl2k (Author) Posted April 18, 2017
@Pancake: I replicate the environment of the ATM. Haven't released in a while, so here is a new one:
Having a look on Backdoor.Win32.ATMitch.a (ATM Malware)
You can see fake XFS API call results expressed in the malware logs at the end. Related to obfuscations: yeah, some are, I unpack them before doing the video.

Xyl2k (Author) Posted February 15, 2018
New video, fast tracing of a zbot: https://www.youtube.com/watch?v=C-dEOt0GzSE

null_endian Posted February 15, 2018
3 hours ago, Xyl2k said:
> new video, fast tracing of a zbot: https://www.youtube.com/watch?v=C-dEOt0GzSE
Hey, thanks for the vid, I just watched it. How long does it take you to figure this out? I assume you have sped up the video a lot... For me, it takes a lot longer to locate different pieces of the code.

Xyl2k (Author) Posted February 15, 2018
It doesn't take me long to figure out how things work (especially for this one) since it's Zeus based; if you have previous experience with Zeus, things go easier. For example this one https://www.youtube.com/watch?v=Z7tEwl1YvMg I did 4 years ago, you may recognize things if you watch it in parallel with KINS 3.3.7.0. And yep, it's sped up, my keyboard would be full of blood otherwise.

Xyl2k (Author) Posted September 17, 2018
Having a look on ATMSpitter (ATM Malware)

Gyver75 Posted September 21, 2018
Damn dude! Your YouTube channel has been closed … :(

Xyl2k (Author) Posted September 25, 2018
Everything moved to Vimeo, downloads are enabled also. https://vimeo.com/album/5427366

Xyl2k (Author) Posted March 1, 2020
It's been a while since I've done a video of malware reverse engineering, so here is something new:
Having a look on HelloWorld (ATM Malware)