Malware Analysis [Video] Auto Start Monitoring and Disinfection with Autoruns

struppigel

Apr 9, 2020
We apply Autostart Extensibility Points (ASEPs) with the Disinfector Trainer and learn monitoring of ASEP creation with dynamic malware analysis and basic disinfection with Autoruns and regedit.

Note: This is not a comprehensive disinfection tutorial but one exercise. It requires more training than that until you can perform actual disinfection.

Disinfector trainer: https://github.com/struppigel/Hedgeho...
The password for unpacking the archive is "infected" without the quotes.



00:00 Intro
00:40 Scenario 1, using Disinfector Trainer
03:30 Sysinternals Autoruns
08:05 Run key and IFEO
13:08 Scenario 3
13:35 RunOnce key
14:05 Active Setup
18:10 LNK in Startup folder
19:12 Service
20:05 Scheduled Task
 
