Learn essential techniques for performing basic triage analysis and unpacking malware using x64dbg in this 21-minute video tutorial. Explore how to extract valuable insights from ransomware binaries using tools like Detect-It-Easy to examine PE file characteristics and identify signs of packing through entropy analysis. Compare obfuscated and unobfuscated binaries, and master the process of dumping obfuscated versions using x64dbg and Scylla. Gain practical skills in analyzing strings, viewing imports with DIE, and comparing versions using IDA Pro. Follow along as the instructor demonstrates unpacking techniques on real Lockbit ransomware samples, emphasizing the importance of a safe analysis environment. Enhance your cybersecurity and reverse engineering capabilities with this comprehensive guide to malware analysis.
Performing Basic Triage Analysis and Unpacking with x64dbg - Ransomware Analysis - Part 2
Dr Josh Stroschein via YouTube
Overview
Syllabus
What do the strings tell us?
Viewing strings in the obfuscated version
Using DIE to view imports
Analyzing the obfuscated version
Comparing versions with IDA Pro
Unpacking the obfuscated version with x64dbg
Taught by
Dr Josh Stroschein
