Video: Analysis of a multi-stage malware (doc -> vba -> jscript -> exe -> shellcode -> mapped exe -> iat rebuild)

This is the full analysis of a multi-stage malware.

Sample hashes:

MD5: A3BF316D225604AF6C74CCF6E2E34F41
SHA1: D20981637B1D9E99115BF6537226265502D3E716
SHA256: 00476789D901461F61BDF74020382F851765AFCD7622B54687CDA70425A91F86

This is the code I wrote for JavaScript deobfuscation. Make sure to insert the base64 encoded javascript payload before running it.

Video: Solving VM-based challenges using Cerbero

How to solve VM-based challenges with the help of Cerbero.

This is the template code: