Dive into the world of malware analysis through a comprehensive 15-hour course covering a wide range of real-world threats. Explore VBScript decoding and deobfuscation techniques, analyze Remote Access Trojans (RATs) like Remcos, and investigate fake antivirus software. Examine the Mozi malware, HAFNIUM post-exploitation techniques, and Discord-based threats. Uncover cryptocoin mining malware such as Lemon Duck, and dissect various RATs using tools like ILSpy. Investigate unique malware samples, including a Rick & Morty-themed threat and a Bitcoin/Ethereum stealing JScript malware. Learn about HTA JScript to PowerShell conversions, information stealers, and fileless persistence techniques used by KOVTER malware. Conclude by analyzing targeted phishing attempts, including a fake Outlook password harvester, to enhance your malware analysis skills and protect against evolving cyber threats.
Overview
Syllabus
MALWARE ANALYSIS - VBScript Decoding & Deobfuscating.
Is THIS a VIRUS? Finding a Remcos RAT - Malware Analysis.
FAKE Antivirus? Malware Analysis of Decoy 'kaspersky.exe'.
Mozi Malware - Finding Breadcrumbs....
HAFNIUM - Post-Exploitation Analysis from Microsoft Exchange.
Discord Malware - "i hacked MYSELF??".
Cryptocoin Miner - Unpeeling Lemon Duck Malware.
VBScript & ILSpy Analysis of a RAT.
Rick & Morty MALWARE!? - sLoad - PowerShell & VBScript.
$2 MILLION DOLLARS STOLEN in Bitcoin/Ethereum - JScript Malware Analysis.
HTA JScript to PowerShell - Novter Malware Analysis.
Information Stealer - Malware Analysis (PowerShell to .NET).
KOVTER Malware Analysis - Fileless Persistence in Registry.
TARGETED Phishing - Fake Outlook Password Harvester.
Taught by
John Hammond
