Hands-on Ransomware: Exploring Cybercrime
Published 2023-06-05
My Lockbit tweet: twitter.com/_JohnHammond/status/157256282487823974…
00:00 - Ryan Chapman, Malware Analyst
00:30 - Introduction
04:29 - First Demo
07:29 - Configuring RAASNet
15:58 - Building RAASNet
18:17 - Detonating RAASNet
21:41 - Builder Archive
23:37 - Second Demo
26:20 - Building Yashma
27:54 - Third Demo
30:08 - Configuring Lockbit
35:01 - Building Lockbit
37:50 - Final Thoughts
All Comments (21)
-
I'd love to see more of Ryan, hoping he'll start his own yt channel
-
Extremely informative. I'd love to see Ryan discussing malware analysis as he mentions at the video's end. Much appreciated Ryan and John!
-
Thank you! The shadowy world relies on secrecy and silence. This effort to teach and explore is so important. The more light you shine, and the more sparks of interest it inspires, the less room there is for the darkness.
-
Great content! Good to see that you synced up with John Hammond! Keep up the great work Ryan!!
-
Wild to see an old work buddy on one of my favorite YouTube channels.. go Ryan!
-
Great content and advisors.. Thanks for keeping this topic in the front of the line!
-
Waiting for Ryan's Malware analysis things and how he does it in real world cases.
-
Thanks for this Type of Content
-
Some of the best cysec content on planet earth. Thanks Ryan. Killer vid
-
Really enjoyed this, John!
-
26:46 The ASCII art actually broke the builder. Probably would have worked if you took it out. Whoever wrote that should sanitize their strings…
-
Really amazing!
-
Love the video!
-
It's happened before, it will happen again! I saw something similar in the 90's. VCL, IIRC, by Nowhere man of nuke. It was a DOS TUI for creating viruses and the like. It was basically an x86 ASM code generator. You'd select type: com, exec infectors, droppers, etc... type of payload, custom strings and the like. It was password protected, but, if you were skilled with debug tools, you could extract it.
-
Finally
-
That login is ridiculously easy to bypass. Just supply a profile dictionary object and execute the code in the last if statement in the login function.
-
This man really likes to talk, thx it was interesting.
-
Hello John, can you review PNPT certification? How the course is, and what are the preps to do for the exam. And suggestions for machines to do in THM and HTB. It'll be helpful for me to uptake the certification 🥺
-
There was actually an option to change the extension when building it. You just skipped past that screen.
-
Wow♥‼