
Content

In this Twitch stream we reverse engineer stages 2, 3, and 4 of the “WhisperGate” malware. The first two of these stages are .NET, obfuscated with NetReactor and EazFuscator, while Stage 4 is an x86 binary compiled with MinGW.

Stage 2 - Downloader: dcbbae5a1c61dbbbb7dcd6dc5dd1eb1169f5329958d38b58c3fd9384081c9b78

Stage 3 - File Corruptor (injector): 9ef7dbd3da51332a78eff19146d21c82957821e464e8133e9594a07d716d892d

Stage 4 - Final (unpacked on stream): 34ca75a8c190f20b8a7596afeb255f2228cb2467bd210b2637965b61ac7ea907

All samples are available on Malshare.

Detailed notes from the stream including the steps we used for deobfuscation and debugging are available on our GitHub Lab-Notes.

Files

Live Stream VOD: Reverse Engineering WhisperGate Stages 2-3-4 (by OALABS on Vimeo)
