|
|
0
|
|
265.1 KB
|
|
|
1. Analysis types.mp4
|
MP4
|
19.4 MB
|
|
|
1. Auto Start Extensibility Points (ASEPs).mp4
|
MP4
|
28.4 MB
|
|
|
1. Finding the malware developer's code.mp4
|
MP4
|
17.1 MB
|
|
|
1. Ghidra introduction.mp4
|
MP4
|
9.2 MB
|
|
|
1
|
|
664.7 KB
|
|
|
1. How packers work.mp4
|
MP4
|
32.3 MB
|
|
|
1. Introduction to Portable Executable files.mp4
|
MP4
|
24.7 MB
|
|
|
1. Introduction.mp4
|
MP4
|
35.8 MB
|
|
|
1. Legion ransomware intro.mp4
|
MP4
|
6.6 MB
|
|
|
1. Malware Analysis Lab.mp4
|
MP4
|
46.4 MB
|
|
|
1. What is triage.mp4
|
MP4
|
43.2 MB
|
|
|
1. Writing analysis reports.mp4
|
MP4
|
30.8 MB
|
|
|
1. x64dbg introduction.mp4
|
MP4
|
29.4 MB
|
|
|
1.1 ASEPs - 2023-05-06 11.26.44.pdf
|
PDF
|
4.9 MB
|
|
|
1.1 Analysis Reports.pdf
|
PDF
|
7.6 MB
|
|
|
1.1 Analysis Types.pdf
|
PDF
|
4.5 MB
|
|
|
1.1 Finding the Dev's code - 2023-08-31 05.39.23.pdf
|
PDF
|
3.7 MB
|
|
|
1.1 PE Basics - 2023-09-05 05.41.30.pdf
|
PDF
|
2.7 MB
|
|
|
1.1 Packers - 2023-09-11 05.43.00.pdf
|
PDF
|
6.7 MB
|
|
|
1.1 Triage - 2023-04-15 06.22.51.pdf
|
PDF
|
5.7 MB
|
|
|
10. Compilation and Interpretation.mp4
|
MP4
|
39.8 MB
|
|
|
10. Lab Exercise solution.mp4
|
MP4
|
80.6 MB
|
|
|
10. Lab Installers 2 Layer 2 Extract 7zip SFX files.mp4
|
MP4
|
73.7 MB
|
|
|
10. Lab Poison 1 Speakeasy API logging.mp4
|
MP4
|
130.3 MB
|
|
|
10. Mapping detection names to file verdicts.mp4
|
MP4
|
39.1 MB
|
|
|
10. Safety rules summary.html
|
HTML
|
8.1 KB
|
|
|
10. SteamHide FinalMalware.exe analysis.html
|
HTML
|
204.8 B
|
|
|
10. x64dbg Quiz.html
|
HTML
|
204.8 B
|
|
|
10.1 Compilers and interpreters - 2023-04-26 07.49.42.pdf
|
PDF
|
13.4 MB
|
|
|
10.1 Safety rules.pdf
|
PDF
|
70.7 KB
|
|
|
11. Lab .NET 1 .NET basics and triage.mp4
|
MP4
|
53.9 MB
|
|
|
11. Lab Installers 3 Extract 7zip SFX configuration.mp4
|
MP4
|
76.1 MB
|
|
|
11. Lab Poison 2 Unpacking via RtlDecompressBuffer.mp4
|
MP4
|
88.1 MB
|
|
|
11. Safety rules quiz.html
|
HTML
|
204.8 B
|
|
|
11. Triage Quiz.html
|
HTML
|
204.8 B
|
|
|
12. Lab .NET 2 Running the file, DnSpy basics.mp4
|
MP4
|
62.6 MB
|
|
|
12. Lab Injector DLL Unpacking via VirtualAlloc.mp4
|
MP4
|
127.7 MB
|
|
|
12. Lab Installers 4 Triage of multiple files.mp4
|
MP4
|
106.2 MB
|
|
|
13. Lab .NET 3 Code search in DnSpy.mp4
|
MP4
|
92.6 MB
|
|
|
13. Wrappers and installers quiz.html
|
HTML
|
204.8 B
|
|
|
2. Analysis process.mp4
|
MP4
|
4 MB
|
|
|
2. Download link for Ghidra.html
|
HTML
|
307.2 B
|
|
|
2. Download links and bookmarks.html
|
HTML
|
921.6 B
|
|
|
2. Download links.html
|
HTML
|
921.6 B
|
|
|
2. File analysis verdicts.mp4
|
MP4
|
85.6 MB
|
|
|
2. Lab Legion ransomware 1 Triage.mp4
|
MP4
|
83.3 MB
|
|
|
2. Malware Classification.mp4
|
MP4
|
36.7 MB
|
|
|
2. Portable Executable format basics.mp4
|
MP4
|
37.5 MB
|
|
|
2
|
|
683 KB
|
|
|
2. The Windows Registry.mp4
|
MP4
|
53 MB
|
|
|
2. Unpacking methods.mp4
|
MP4
|
32.5 MB
|
|
|
2. Wrapped files.mp4
|
MP4
|
27 MB
|
|
|
2.1 Analysis Process.pdf
|
PDF
|
2.8 MB
|
|
|
2.1 Analysis Verdicts - 2023-04-15 07.28.26.pdf
|
PDF
|
14.9 MB
|
|
|
2.1 Malware Classification.pdf
|
PDF
|
10.7 MB
|
|
|
2.1 Portable Executable Format-Basics.pdf
|
PDF
|
118.2 KB
|
|
|
2.1 Registry - 2023-05-28 06.06.16.pdf
|
PDF
|
17.5 MB
|
|
|
2.1 Unpacking Methods - 2023-09-11 05.39.15.pdf
|
PDF
|
16.8 MB
|
|
|
2.1 Wrappers - 2023-09-03 07.51.53.pdf
|
PDF
|
6 MB
|
|
|
3. Clean vs malicious—approaches for clean file analysis.mp4
|
MP4
|
44.1 MB
|
|
|
3. Installing VirtualBox Windows 10 VM.mp4
|
MP4
|
64.1 MB
|
|
|
3. Lab Legion ransomware 2 Finding main.mp4
|
MP4
|
79.4 MB
|
|
|
3. Lab Triage 1 Determine file types of unknown samples.mp4
|
MP4
|
103 MB
|
|
|
3. Lab preparation Installing Ghidra.mp4
|
MP4
|
25.4 MB
|
|
|
3. Lab x64dbg 1 CPU view windows.mp4
|
MP4
|
72.3 MB
|
|
|
3. Links.html
|
HTML
|
512 B
|
|
|
3. Malware types by propagation.mp4
|
MP4
|
23.1 MB
|
|
|
3. PortexAnalyzer and DnSpy download.html
|
HTML
|
1 KB
|
|
|
3. Tools and links.html
|
HTML
|
614.4 B
|
|
|
3. Unpacking stub types and how they work.mp4
|
MP4
|
27.1 MB
|
|
|
3
|
|
271.2 KB
|
|
|
3.1 Determine Clean vs Malicious - 2023-09-10 05.44.08.pdf
|
PDF
|
17.5 MB
|
|
|
3.1 Malware Types by Propagation.pdf
|
PDF
|
19.9 MB
|
|
|
3.1 Unpacking Stubs - 2023-09-10 05.45.54.pdf
|
PDF
|
5 MB
|
|
|
4. Download links and documentation.html
|
HTML
|
3 KB
|
|
|
4. Installing VirtualBox Guest Additions.mp4
|
MP4
|
27.7 MB
|
|
|
4
|
|
384.9 KB
|
|
|
4. Lab Ghidra 1 New project, file import and autoanalysis.mp4
|
MP4
|
45.2 MB
|
|
|
4. Lab Legion ransomware 3 Date check markup.mp4
|
MP4
|
87.6 MB
|
|
|
4. Lab PE 1 MS DOS stub, COFF file header, timestamps and REPRO builds.mp4
|
MP4
|
102.3 MB
|
|
|
4. Lab Services.mp4
|
MP4
|
127.6 MB
|
|
|
4. Lab Wapped files 1 Triage of a wrapped file.mp4
|
MP4
|
103 MB
|
|
|
4. Lab x64dbg 2 Navigation.mp4
|
MP4
|
69.4 MB
|
|
|
4. Malware types by payload behavior.mp4
|
MP4
|
21.2 MB
|
|
|
4. Tools for binary diffing and finding hidden certificate data.mp4
|
MP4
|
13.8 MB
|
|
|
4. What is a file type.mp4
|
MP4
|
37.8 MB
|
|
|
4.1 Malware Types by Behavior.pdf
|
PDF
|
7.4 MB
|
|
|
5. Enabling hidden files view and removing Windows Defender.mp4
|
MP4
|
57.6 MB
|
|
|
5. Installing the bindiff and certificate tools.html
|
HTML
|
921.6 B
|
|
|
5. Lab Ghidra 2 Windows in the codebrowser part 1.mp4
|
MP4
|
93.6 MB
|
|
|
5. Lab Legion ransomware 4 Finding the encryption function.mp4
|
MP4
|
74.2 MB
|
|
|
5. Lab PE 2 Optional header and section table.mp4
|
MP4
|
94.7 MB
|
|
|
5
|
|
532.8 KB
|
|
|
5. Installing Python 3 and Speakeasy.mp4
|
MP4
|
53.3 MB
|
|
|
5. Lab Disinfection 1 Autoruns - Run, IFEO.mp4
|
MP4
|
126.2 MB
|
|
|
5. Lab Triage 2 Whole file examination.mp4
|
MP4
|
142.5 MB
|
|
|
5. Lab Wrapped files 2 Obtaining the script with ACLs.mp4
|
MP4
|
124.1 MB
|
|
|
5. Lab x64dbg 3 Software breakpoints.mp4
|
MP4
|
89.1 MB
|
|
|
5. Malware family identification.mp4
|
MP4
|
8.7 MB
|
|
|
5.1 Malware Families - 2023-09-09 11.26.32.pdf
|
PDF
|
6.9 MB
|
|
|
6. Antivirus detection names and formats for malware.mp4
|
MP4
|
26.2 MB
|
|
|
6. Lab Disinfection 2 RunOnce, Active Setup, Scheduled Tasks, LNKs.mp4
|
MP4
|
113.5 MB
|
|
|
6. Lab Ghidra 3 Windows in the codebrowser part 2.mp4
|
MP4
|
68.5 MB
|
|
|
6. Lab PE 3 Resources, icons, debug path, imports.mp4
|
MP4
|
78.4 MB
|
|
|
6. Lab Wrapped files 3 Wrapped file payload analysis.mp4
|
MP4
|
51.2 MB
|
|
|
6
|
|
858.6 KB
|
|
|
6. Lab Legion ransomware 5 Understanding the encryption.mp4
|
MP4
|
127.5 MB
|
|
|
6. Lab Winupack 1 packing, fix disassembly in x32dbg.mp4
|
MP4
|
121.3 MB
|
|
|
6. Lab diffing 1 Binary diffing with vbindiff and meld.mp4
|
MP4
|
85.6 MB
|
|
|
6. Lab x64dbg 4 Hardware breakpoints.mp4
|
MP4
|
51.1 MB
|
|
|
6. Sample handling Course samples and password protected archives.mp4
|
MP4
|
21.2 MB
|
|
|
6. Tools and links.html
|
HTML
|
512 B
|
|
|
6.1 AV Detection Names - 2023-08-28 10.43.52.pdf
|
PDF
|
14.5 MB
|
|
|
7. Deciphering antivirus detection names for malware.mp4
|
MP4
|
49.7 MB
|
|
|
7. Lab Legion ransomware 6 Patching with x32dbg.mp4
|
MP4
|
105 MB
|
|
|
7
|
|
946.1 KB
|
|
|
7. Lab PE 4 Anomalies and visualization.mp4
|
MP4
|
75.2 MB
|
|
|
7. Lab Winupack 2 Find OEP via tracing, dump and fix imports.mp4
|
MP4
|
100.3 MB
|
|
|
7. Lab Wrapped files 4 Obtaining the script with APIMonitor.mp4
|
MP4
|
74.9 MB
|
|
|
7. Lab diffing 2 Identify certificate manipulation.mp4
|
MP4
|
74.9 MB
|
|
|
7. Lab finding main 1 MinGW and VisualStudio C++ applications.mp4
|
MP4
|
92.8 MB
|
|
|
7. Lab report writing 1 Main analysis of a downloader.mp4
|
MP4
|
75.7 MB
|
|
|
7. Lab x64dbg 5 Memory breakpoints.mp4
|
MP4
|
83.7 MB
|
|
|
7. Malware Persistence and Disinfection Quiz.html
|
HTML
|
204.8 B
|
|
|
7. Sample handling Shared folder setup.mp4
|
MP4
|
44.2 MB
|
|
|
8. How signature verification works.mp4
|
MP4
|
10.3 MB
|
|
|
8. Installers.mp4
|
MP4
|
20 MB
|
|
|
8. Lab ASLR 1 Rebasing and DllCharacteristics in the Optional Header.mp4
|
MP4
|
94.4 MB
|
|
|
8. Lab Legion ransomware 7 Ransomware monitoring and file decryption test.mp4
|
MP4
|
102.4 MB
|
|
|
8. Lab Triage 3 VirusTotal autoscans and first research.mp4
|
MP4
|
35.4 MB
|
|
|
8. Lab Winupack 3 Find OEP via hardware breakpoint on stack.mp4
|
MP4
|
49.1 MB
|
|
|
8. Lab finding main 2 A more difficult application.mp4
|
MP4
|
85.9 MB
|
|
|
8. Sample handling Prevent execution via ACLs (Windows host only).mp4
|
MP4
|
54.7 MB
|
|
|
8
|
|
752.4 KB
|
|
|
8. Lab report writing 2 ICC profile extraction with exiftool.mp4
|
MP4
|
77.2 MB
|
|
|
8. Portable Executable metadata exercise.html
|
HTML
|
204.8 B
|
|
|
8.1 Installers - 2023-09-03 08.13.53.pdf
|
PDF
|
5.8 MB
|
|
|
9. Lab ASLR 2 Hex to Bin Conversion, Bitmasks and Disabling Exploit Protection.mp4
|
MP4
|
83.4 MB
|
|
|
9. Lab Installers 1 Layer 1 Unpacking Nullsoft.mp4
|
MP4
|
138.4 MB
|
|
|
9. Lab Triage 4 Final analysis.mp4
|
MP4
|
68.3 MB
|
|
|
9. Lab diffing3 Force strict signature verification.mp4
|
MP4
|
98.2 MB
|
|
|
9
|
|
516.1 KB
|
|
|
9. Lab report writing 3 Malware decryption with CyberChef.mp4
|
MP4
|
108.7 MB
|
|
|
9. Network, snapshots and first sample execution.mp4
|
MP4
|
70.6 MB
|
|
|
9. One generic unpacking approach.mp4
|
MP4
|
35.2 MB
|
|
|
9. Portable Executable Quiz.html
|
HTML
|
204.8 B
|
|
|
9.1 Unpacking Approach - 2023-09-11 06.08.21.pdf
|
PDF
|
16.7 MB
|
|
|
TutsNode.org.txt
|
TXT
|
102.4 B
|
|
|
[TGx]Downloaded from torrentgalaxy.to .txt
|
TXT
|
614.4 B
|
|
|
10
|
|
322 KB
|
|
|
11
|
|
866.1 KB
|
|
|
14
|
|
46.1 KB
|
|
|
15
|
|
584.4 KB
|
|
|
16
|
|
686.7 KB
|
|
|
17
|
|
719.8 KB
|
|
|
18
|
|
839.4 KB
|
|
|
19
|
|
313 KB
|
|
|
20
|
|
585.1 KB
|
|
|
21
|
|
388.1 KB
|
|
|
22
|
|
172.6 KB
|
|
|
23
|
|
427.7 KB
|
|
|
24
|
|
907.3 KB
|
|
|
25
|
|
952.8 KB
|
|
|
26
|
|
439.9 KB
|
|
|
27
|
|
58.2 KB
|
|
|
28
|
|
375.6 KB
|
|
|
29
|
|
389.5 KB
|
|
|
30
|
|
295.4 KB
|
|
|
31
|
|
607.9 KB
|
|
|
32
|
|
674.1 KB
|
|
|
33
|
|
418.5 KB
|
|
|
34
|
|
583.4 KB
|
|
|
35
|
|
620.3 KB
|
|
|
36
|
|
814.9 KB
|
|
|
37
|
|
925 KB
|
|
|
38
|
|
304.9 KB
|
|
|
39
|
|
803.3 KB
|
|
|
40
|
|
111.6 KB
|
|
|
41
|
|
140.1 KB
|
|
|
42
|
|
771.2 KB
|
|
|
43
|
|
302.7 KB
|
|
|
44
|
|
670.2 KB
|
|
|
45
|
|
404.7 KB
|
|
|
46
|
|
616.5 KB
|
|
|
47
|
|
553.9 KB
|
|
|
48
|
|
739.3 KB
|
|
|
49
|
|
908.3 KB
|
|
|
50
|
|
408 KB
|
|
|
51
|
|
396.5 KB
|
|
|
52
|
|
339 KB
|
|
|
53
|
|
111.5 KB
|
|
|
54
|
|
676.9 KB
|
|
|
55
|
|
978.4 KB
|
|
|
56
|
|
849.9 KB
|
|
|
57
|
|
877.1 KB
|
|
|
58
|
|
317 KB
|
|
|
59
|
|
962.1 KB
|
|
|
60
|
|
614.4 KB
|
|
|
61
|
|
847.5 KB
|
|
|
62
|
|
825.3 KB
|
|
|
63
|
|
878 KB
|
|
|
64
|
|
857.8 KB
|
|
|
65
|
|
187.2 KB
|
|
|
66
|
|
927.4 KB
|
|
|
67
|
|
205.5 KB
|
|
|
68
|
|
496.9 KB
|
|
|
69
|
|
305.4 KB
|
|
|
70
|
|
234.5 KB
|
|
|
71
|
|
649.7 KB
|
|
|
72
|
|
821.4 KB
|
|
|
73
|
|
473.9 KB
|
|
|
74
|
|
750.4 KB
|
|
|
75
|
|
220.6 KB
|
|
|
76
|
|
601.5 KB
|
|
|
77
|
|
624.2 KB
|
|
|
78
|
|
296.6 KB
|
|
|
79
|
|
964.7 KB
|
|
|
81
|
|
827.4 KB
|
|
|
82
|
|
575.8 KB
|
|
|
83
|
|
354.9 KB
|
|
|
84
|
|
937.8 KB
|
|
|
85
|
|
806.1 KB
|
|
|
86
|
|
806.8 KB
|
|
|
87
|
|
11.7 KB
|
|
|
88
|
|
91.5 KB
|
|
|
89
|
|
660.2 KB
|
|
|
90
|
|
481.7 KB
|
|
|
91
|
|
506.1 KB
|
|
|
92
|
|
930 KB
|
|
|
93
|
|
234.7 KB
|
|
|
94
|
|
334.5 KB
|
|
|
95
|
|
125.6 KB
|
|
|
96
|
|
478 KB
|
|
|
97
|
|
245.6 KB
|
|
|
98
|
|
576.6 KB
|
|
|
99
|
|
328.7 KB
|
|
|
100
|
|
702.5 KB
|
|
|
101
|
|
789.2 KB
|
|
|
102
|
|
329.9 KB
|
|
|
103
|
|
450.4 KB
|
|
|
104
|
|
655.9 KB
|
|
|
105
|
|
151.7 KB
|
|
|
106
|
|
272.4 KB
|
|
|
107
|
|
394 KB
|
|
|
108
|
|
11.4 KB
|
|
|
109
|
|
194 KB
|
|
|
110
|
|
292.9 KB
|
|
|
112
|
|
136 KB
|
|
|
113
|
|
474.3 KB
|
|
|
115
|
|
263.1 KB
|
|
|
116
|
|
217.5 KB
|
