Home
Artists
Search Recent Random
Posts
Search DMs Popular Hash Lookup Tags Random
Importer
Import FAQ
Register
Partychan Matrix ThePornDude
Home Artists Posts Import Register
Patreon importer is back online! Tell your friends ✅

Live Stream VOD: Breaking Themida Protected C2 Config for Socks5Systemz (Patreon)

Published:
2024-04-02 18:38:21
Imported:
Tags:

Content

In this stream we attack a Themida protected C2 config using tracing in x64dbg and some other tricks. The malware analyzed is an older socks proxy botnet called Socks5Ssystemz which has been operating under the radar for years.

Note: This stream was was split over two days due to a surprise migraine! The themida RE starts at around the 40min mark.

Samples

  • Older non-virtualized sample fee88318e738b160cae22f6c0f16c634fd16dbf11b9fb93df5d380b6427ac18f [UnpacMe]

  • New Themida virtualized sample c9278f17730a4078d3b28e349d31dbdab961d8b61aab7b710f088d0f03a033c8 [UnpacMe]

Prior Work

Unveiling Socks5Systemz: The Rise of a New Proxy Service via PrivateLoader and Amadey

Files

Live Stream VOD: Breaking Themida Protected C2 Config for Socks5Systemz

Comments

Robert Yates

not sure if this is a vimeo issue(i think its vimeo used for the vods?) but when you scroll large pages of text on stream then the whole bitrate drops and the video falls apart, for example at 1:35:35. i noticed this is on the lua video also. i dont think its a local issue? but thought i would point it out :) ... anyway im enjoying the all the vidz :)

oalabs
>>134145842

Haha! Yeh 90's quality internet, the bitrate was set too low for the screen size, it happened on some local recordings too. Still fiddling with settings, I'll get it right eventually 😅