From the description:
In this first video of the “Reversing WannaCry” series we will look at the infamous killswitch and the installation and unpacking procedure of WannaCry.
The sample can be found here: https://www.ghidra.ninja/posts/03-wannacry-1/
Twitter: https://twitter.com/ghidraninja
Links:
Interview with MalwareTech: https://soundcloud.com/arrow-bandwidth/s3-episode-11-wannacry-interview-with-malware-tech-at-infosec-europe-2017
MalwareTech’s blogpost about the killswitch: https://www.malwaretech.com/2017/05/how-to-accidentally-stop-a-global-cyber-attacks.html
Further reading
Wikipedia: https://en.wikipedia.org/wiki/WannaCry_ransomware_attack
LogRhythm Analysis: https://logrhythm.com/blog/a-technical-analysis-of-wannacry-ransomware/
Secureworks Analysis: https://www.secureworks.com/research/wcry-ransomware-analysis
Unless you are a very proficient Windows reverse engineer, be prepared to pause the video repeatedly! A level of comfort to aspire to.