FAKE Antivirus? Malware Analysis of Decoy 'kaspersky.exe'

Published 2021-02-24
If you would like to support the channel and me, check out Kite! Kite is a coding assistant that helps you code faster, on any IDE, offering smart completions and documentation. www.kite.com/get-kite/?utm_medium=referral&utm_sou… (disclaimer, affiliate link)

For more content, subscribe on Twitch! twitch.tv/johnhammond010
If you would like to support me, please like, comment & subscribe, and check me out on Patreon: patreon.com/johnhammond010
PayPal: paypal.me/johnhammond010
Discord: johnhammond.org/discord
Twitter: twitter.com/_johnhammond
GitHub: github.com/JohnHammond

All Comments (21)
  • @erich8948
    "Skip ahead if you don't want to watch me suffer"... you have CLEARLY misunderstood why I'm here ;)
  • @blade1551431
    I like that the videos are not scripted. Please make more Malware Analysis.
  • @benvoisey3942
    I cried when he downloaded update.exe as kaspersky.exe
  • John: disables Windows adapter. Me: internal screaming. You should do that in the VM settings.
  • @user-rg1jp2us4o
    I love how John can easily edit the parts he messes up out but he still doesn't and leaves it in. I love seeing your internal thought process when it comes to solving problems.
  • @thislooksfun1
    I can see two reasons why running update.exe at ~15:00 didn't work: 1) it needs three args, the first of which being the pid (you only gave two), and 2) you misspelled the Windows/kaspersky directory as Windows/kasperky.
  • I got hacked and I really can't get enough of this content, it's just so interesting. As far as I know you're the only one making videos about this stuff that are really fun and enjoyable. Thanks dude
  • @yotshmep1224
    I am a beginner Python programmer and I like to watch your videos because they make me feel like I understand the things that are happening, but I am just absolutely clueless as to what's happening. Love it
  • John: downloads kaspersky.exe two times instead of upload.exe. Me: scream at the monitor for 3 minutes straight. John: you should have told me! Me: I did it John, I DID IT.
  • @Konym
    You are quickly becoming my new favorite person to watch when I get home from work. Great stuff!
  • @dstensnes
    John: Here is what I think you should try with this: Determine what the config url turns out to be, then see if you can slap your own command and control server together, to send you an email. That would be cool. Like, tame the malware and do your bidding. Another approach would be to fake an update server, and see if you can push other code to your VM that way. It would give viewers a nice insight into how the remote (usually hidden) aspect could work in theory. That would also make for a great hackthebox style box as well!
  • Your videos are so exciting! Not to mention extremely informative. This makes your content so unique!!! Thank you so much for everything you do! You have one of my favorite channels. The other happens to be David Bombal. I can not express how grateful I am to have you guys as resources!
  • @jaffawaffa22
    These videos are honestly so great - even if you can grasp all the technical coding stuff, it’s still so educational!
  • @kwekkwak1060
    Really nice John, been with your channel since 70K~ and am really not surprised it grew that much. As for this series, I love them, can't wait for the next one! Never responding to videos but just wanted to let you know how good they are and that you should definitely keep it up! Kind regards
  • @juvival1758
    The content usually isn't that interesting to me, but with that enthusiasm of yours I just cannot get enough of it.
  • @showjaymayhem
    omg... North Korean did this. "완충기" which means buffer in Kanji sound 緩衝器. South Korea uses "buffer" "버퍼[buffer]" as it is pronounced in English when programming. "오유[O:YU]" means error, which is "오류[ORYU]" in South Korean. "량[Liang]" = Quantity is "양[Yang]" in South Korean. North Korean has liquidization in their R, L, I sound.
  • @leespark0
    Amazing Content John, I appreciate it. I've seen a lot of channels related to this niche but your channel just looks unique and you're very natural unlike the others :D