Tags » My Software

WannaCry Simple File Analysis

In this video, I show how to get started with my tools and a WannaCry sample.

Tools: pecheck.py, zipdump.py, strings.py

Sample: 84c82835a5d21bbcf75a61706d8ab549

My Software

Update: zipdump.py Version 0.0.8

Added handling of zlib errors when performing a dictionary attack.

zipdump_v0_0_8.zip (https)
MD5: 51B971B57800D126B2067DC53303355A
SHA256: 095EE6000E99B9193C830B8BA11139907CB9445FD7D94D81E3F97A8B458D5D16

My Software

Update: re_search.py Version 0.0.7

This new version of re-search.py has a build-in regular expression for bitcoin addresses, together with a Python function to validate the address.

re-search_V0_0_7.zip (https… 28 more words

My Software

Update: re_search.py Version 0.0.5

When I used my re-search.py tool to extract Bitcoin addresses from the latest WCry samples, I found a small bug. This version is a bugfix (bug introduced in version 0.0.4). 32 more words

My Software

Crack A ZIP Password, And Fly To Dubai ...

We had to crack a password protected ZIP file, to discover that just few hours later, we would fly to Dubai for our NVISO team building event… 99 more words

My Software