Malware Analysis - Unpacking Lumma Stealer from Emmenhtal and Pure Crypter

Last time we extracted a download URL, in this video we unpack the rest of the Emmenhtal to Pure Crypter to Lumma Stealer infection chain. Malware analysis courses: https://malwareanalysis-for-hedgehogs... Tools: binary refinery, Sysinternals strings.exe, notepad++, dnSpyEx, NetReactorSlayer, DiE, Python 3, dnlib string-decrypt script: https://gist.github.com/struppigel/7f... Posh script: https://bazaar.abuse.ch/sample/0a92ab... Posh loaded: https://bazaar.abuse.ch/sample/9297b5... wvff.pdf (encrypted): https://bazaar.abuse.ch/sample/26b50b... Lumma payload: https://www.virustotal.com/gui/file/2... ConfuserEx 2 deobfuscation video:    • Malware Analysis - ConfuserEx 2 Deobfuscat...   Buy me a coffee: https://ko-fi.com/struppigel Follow me on Twitter:   / struppigel   #malware #malwareanalysis #reverseengineering 00:00 Intro 00:33 Unpacking first PowerShell layer 09:17 Unpacking .NET mediafire downloader 10:16 Analyzing .NET downloader 12:07 Decrypting wvff.pdf 13:03 Deobfuscating NET Reactor 6.X 21:54 Unpacking Lumma Stealer

Join Today
Information Stealer - Malware Analysis (PowerShell to .NET)
▶︎

Information Stealer - Malware Analysis (PowerShell to .NET)

Snip3 Crypter/RAT Loader - DcRat MALWARE ANALYSIS
▶︎

Snip3 Crypter/RAT Loader - DcRat MALWARE ANALYSIS

How I Execute and Debug a Malicious Service (Malware Analysis)
▶︎

How I Execute and Debug a Malicious Service (Malware Analysis)

this MP3 file is malware
▶︎

this MP3 file is malware

Fake CAPTCHA Runs Malware
▶︎

Fake CAPTCHA Runs Malware

Analyze Malware Without Running It (Beginner Malware Analysis)
▶︎

Analyze Malware Without Running It (Beginner Malware Analysis)

They Say This Malware is INSANE
▶︎

They Say This Malware is INSANE

MALWARE ANALYSIS // How to get started with John Hammond
▶︎

MALWARE ANALYSIS // How to get started with John Hammond

I Hacked This Temu Router. What I Found Should Be Illegal.
▶︎

I Hacked This Temu Router. What I Found Should Be Illegal.

AI Did This.
▶︎

AI Did This.

reverse engineering doesn't have to be hard
▶︎

reverse engineering doesn't have to be hard

Malware Analysis - RenPy game, finding malware code in 2956 files, Beginner friendly
▶︎

Malware Analysis - RenPy game, finding malware code in 2956 files, Beginner friendly

Shellcode Analysis: Strings, Deobfuscation & YARA (Malware Analysis & Reverse Engineering)
▶︎

Shellcode Analysis: Strings, Deobfuscation & YARA (Malware Analysis & Reverse Engineering)

DEF CON 33 - Kill List: Hacking an Assassination Site on the Dark Web - Carl Miller, Chris Monteiro
▶︎

DEF CON 33 - Kill List: Hacking an Assassination Site on the Dark Web - Carl Miller, Chris Monteiro

Something is jamming GPS over Europe. Here's what we found
▶︎

Something is jamming GPS over Europe. Here's what we found

How to Extract Shellcode Using x64dbg (Malware Analysis)
▶︎

How to Extract Shellcode Using x64dbg (Malware Analysis)

Antivirus myths and how AVs actually work
▶︎

Antivirus myths and how AVs actually work

This Computer Malware Steals Your Information
▶︎

This Computer Malware Steals Your Information

Malware Evasion Techniques: API Unhooking (Malware Analysis & Reverse Engineering)
▶︎

Malware Evasion Techniques: API Unhooking (Malware Analysis & Reverse Engineering)

DEF CON 32 - Inside the FBI’s Secret Encrypted Phone Company ‘Anom’ - Joseph Cox
▶︎

DEF CON 32 - Inside the FBI’s Secret Encrypted Phone Company ‘Anom’ - Joseph Cox