Loading...
Working...
Sign in to report inappropriate content.
Use IDA Pro and python to automatically decrypt the RC4 strings in REvil (Sodinokibi) ransomware. Expand description for details...Try our free automated malware unpacking service!https://www.unpac.meREVil build imports with IDA Pro:https://www.youtube.com/watch?v=R4xJo...Identifying RC4 encryption in malware:https://www.youtube.com/watch?v=CiJoc...Clean unpacked REvil sample:5f56d5748940e4039053f85978074bde16d64bd5ba97f6f0026ba8172cb29e93https://malshare.com/sample.php?actio...IDA helper functions script (gist):https://gist.github.com/OALabs/04ef6b...IDA 7.xx API backward compatibility with 6.xxhttps://www.hex-rays.com/products/ida...Best IDA scripting book ever!!! (pay-what-you-can)https://leanpub.com/IDAPython-BookFeedback, questions, and suggestions are always welcome : )Sergei https://twitter.com/herrcoreSean https://twitter.com/seanmwAs always check out our tools, tutorials, and more content over at https://www.openanalysis.net#MalwareAnalysis #IDAPro #Ransomware
Loading playlists...