05 - How Lockbit Uses the DLL Name as a Seed for API Hashing

preview_player
Показать описание
In part 05, we continue to our deep dive into Lockbit's runtime-linking. In this video, you'll see how Lockbit uses the DLL name to create a seed. This seed is used in the actual computation of the API name, which is a twist on a standard malware technique. You'll see how this technique is used and I'll discuss the broader impact it has on your reversing efforts.

Join this channel to get access to perks:

Cybersecurity, reverse engineering, malware analysis and ethical hacking content!
🌶️ YouTube 👉🏻 Like, Comment & Subscribe!

0:30 Finding the image_base
1:25 Parsing the image dos header
3:36 DATA Directories
5:30 The IMAGE_EXPORT_DIRECTORY
6:40 AddressOf*
8:21 Checksum from a DLL name - where the seeds come from
9:15 Brief note on the UNICODE structure
  1. Dr Josh Stroschein - The Cyber Yeti
  2. cyber
  3. cybersecurity
  4. training
  5. malware
  6. malware analysis
Рекомендации по теме
05 - How 0:14:12

05 - How Lockbit Uses the DLL Name as a Seed for API Hashing

LockBit, World’s #1 0:08:15

LockBit, World’s #1 Hackers (An Inside Look)

Hands-on Ransomware: Exploring 0:43:28

Hands-on Ransomware: Exploring Cybercrime

🔓 ИНТЕРВЬЮ С 0:22:44

🔓 ИНТЕРВЬЮ С LOCKBIT 2.0: ТАЙНЫЕ СДЕЛКИ КОМПАНИЙ С ШИФРОВАЛЬЩИКАМИ / RANSOMWARE / RUSSIAN OSINT...

Here's What We 0:04:41

Here's What We Know About Lockbit Takedown And Leader

IT Governance Podcast 0:19:18

IT Governance Podcast 5.5.23: ChatGPT, LockBit, T-Mobile, Alan Calder on cyber security for boards

Plongée dans l'Univers 0:10:07

Plongée dans l'Univers Obscur de LOCKBIT | Documentaire cybersécurité

Russian Soldiers Get 0:05:23

Russian Soldiers Get Honey Trapped, LockBit Ransomware will Pay You to Get Tattooed

Watch This Russian 0:02:56

Watch This Russian Hacker Break Into Our Computer In Minutes | CNBC

Royal Mail Lockbit 0:01:00

Royal Mail Lockbit Cyber Attack

Feds Dox World's 0:09:37

Feds Dox World's Most Wanted Cyber Criminal

LockBit 0:15:13

LockBit

She got virus 0:00:46

She got virus on her iPhone 😱Here’s a simple repair😘 #shorts #apple #ios #iphone #virus #calendar...

WPF C# Processing 0:00:33

WPF C# Processing Image Lockbit

UEFI Malware - 0:08:03

UEFI Malware - The Low Level Threat To Millions of PCs

Inside Lockbit, The 0:09:05

Inside Lockbit, The Undisputed King Of The Cyber Underground

Operation Cronos: Infiltrating 0:35:04

Operation Cronos: Infiltrating the LockBit Ransomware Syndicate

LockBit 2.0 ransomware 0:03:05

LockBit 2.0 ransomware (.lockbit virus) - how to remove?

Is LockBit 3.0 0:11:37

Is LockBit 3.0 On Life Support?

Practitioner Brief August 0:20:48

Practitioner Brief August 5th, 2021 - Lockbit & ERG Group & Cisco Patch & China APT

Ransomware group LockBit 0:03:02

Ransomware group LockBit hit with arrests, indictments

Did ION Group 0:02:02

Did ION Group pay ransom? Has Lockbit got cold feet? w/ Olimpiu Pop - It’s 5:05, Mon, Feb 6, 2023

ION Customers Get 0:01:55

ION Customers Get Online After Lockbit Ransomware w/ Olimpiu Pop - It’s 5:05, Fri, Feb 10, 2023

Ransomware News #27: 0:20:05

Ransomware News #27: Bluebrixx Hack, wieder KRITIS Unternehmen erwischt,KOH war es wirklich Lockbit?