- Apr 9, 2020
Hi there. I made a video that is suitable for practicing malware analysis if you are still at the beginning of your journey but know some basics.
The sample is an APT backdoor named Kopiluwak. It belongs to the threat actor Turla. It has 3 layers: the first is an Office document, the second and third are JScript files.
In this video we analyse those layers, deobfuscate them and finally put everything together for a binary refinery C2 extractor.