UnpackIt: Dridex

Unpacking Malware: Dridex

Dridex is a malware family which has long been targeting the financial sector in attempts to steal user credentials and compromise individuals. It targets individuals by sending phishing emails with Microsoft Office-based attachments embedding malicious macros, which download additional payloads and attain the authors' objectives. Since the first-stage Dridex malware is typically packed, we’ll uncover how to unpack it and continue with analysis of subsequent stages.

Acquiring the Malware Sample

Here’s the hash of the malware sample we’ll be using for the unpacking:...

January 20, 2022 · 5 min · Syed Hasan

Practical Malware Analysis: LAB 09

Chapters Eight and Nine focused on dynamic analysis of programs. Once the basics were out of the way in Chapter Eight, we shifted focus to using OllyDbg to fulfil our dynamic analysis objectives. Let’s get to solving problems from this chapter!

Exercise 1

Hash                                                              Name
b94af4a4d4af6eac81fc135abda1c40c                                  Lab09-01.exe
d6356b2c6f8d29f8626062b5aefb13b7fc744d54                          Lab09-01.exe
6ac06dfa543dca43327d55a61d0aaed25f3c90cce791e0555e3e306d47107859  Lab09-01.exe

Preface: Analyze the malware found in the file Lab09-01....

October 19, 2021 · 16 min · Syed Hasan