Live Stream VOD: Matanbuchus Triage - Part 3 (Patreon)

In this twitch stream we take a final look at the Matanbuchus loader malware. We focus on an older version of the payload that uses a different type of string encryption. 

This stream is more of an experiment with emulation rather than anything useful for tracking the loader since the sample we are examining is old and no longer in use. We end up with a small emulation tool that might be useful for more generic string decryption...

Notes

Matanbuchus Triage Notes - Taking a Closer Look At Obfuscated Samples