Another Word For It Patrick Durusau on Topic Maps and Semantic Diversity

April 3, 2019

Reversing WannaCry Part 1 – [w/] #Ghidra

Filed under: Cybersecurity,Ghidra,Hacking — Patrick Durusau @ 7:43 pm
From Ghidra Ninja

From the description:

In this first video of the “Reversing WannaCry” series we will look at the infamous killswitch and the installation and unpacking procedure of WannaCry.

The sample can be found here: https://www.ghidra.ninja/posts/03-wannacry-1/

Twitter: https://twitter.com/ghidraninja

Links:

Interview with MalwareTech: https://soundcloud.com/arrow-bandwidth/s3-episode-11-wannacry-interview-with-malware-tech-at-infosec-europe-2017

MalwareTech’s blogpost about the killswitch: https://www.malwaretech.com/2017/05/how-to-accidentally-stop-a-global-cyber-attacks.html

Further reading

Wikipedia: https://en.wikipedia.org/wiki/WannaCry_ransomware_attack

LogRhythm Analysis: https://logrhythm.com/blog/a-technical-analysis-of-wannacry-ransomware/

Secureworks Analysis: https://www.secureworks.com/research/wcry-ransomware-analysis

Unless you are a very proficient Windows reverse engineer, be prepared to pause the video repeatedly! A level of comfort to aspire to.

