Reversing WannaCry Part 1 - Finding the killswitch and unpacking the malware in #Ghidra

Watch on YouTube

Show annotations

Download is disabled.

378,594

9,617

114

Genre: Science & Technology

Family friendly? Yes

Wilson score: 0.9859

Rating: 4.9531 / 5

Engagement: 2.57%

Ghidra Ninja

Subscribe | 20.1K

Shared March 27, 2019

Part 2 is out! https://www.youtube.com/watch?v=Q90uZ...

In this first video of the "Reversing WannaCry" series we will look at the infamous killswitch and the installation and unpacking procedure of WannaCry.

The sample can be found here: https://www.ghidra.ninja/posts/03-wan...

Twitter: https://twitter.com/ghidraninja

Links:
- Interview with MalwareTech: https://soundcloud.com/arrow-bandwidt...
- MalwareTech's blogpost about the killswitch: https://www.malwaretech.com/2017/05/h...

Further reading
- Wikipedia: https://en.wikipedia.org/wiki/WannaCr...
- LogRhythm Analysis: https://logrhythm.com/blog/a-technica...
- Secureworks Analysis: https://www.secureworks.com/research/...



15:19

Wana Decrypt0r (Wanacry Ransomware) - Computerphile

1.1M views

9:46

MMORPG Bot Reverse Engineering and Tracking

506K views

1:11:44

DebConf 14: QA with Linus Torvalds

453K views

5:27

Showing a Craigslist scammer who's boss using Python

4M views

1:22:22

The Magic of Chemistry - with Andrew Szydlo

2.4M views

51:12

Radio Hacking: Cars, Hardware, and more! - Samy Kamkar - AppSec California 2016

314K views

11:27

Timeboxing: Elon Musk's Time Management Method

1.5M views

11:52

158,962,555,217,826,360,000 (Enigma Machine) - Numberphile

4.5M views

13:22

What if you could trade a paperclip for a house? | Kyle MacDonald | TEDxVienna

9.9M views

18:39

Professor Eric Laithwaite: Magnetic River 1975

1.8M views

1:29:12

Scamming the Scammers - How to Handle Fake Tech Support Calls

1.7M views

15:01

Solving a JavaScript crackme: JS SAFE 2.0 (web) - Google CTF 2018

383K views

33:37

Black Hat 2013 - Exploiting Network Surveillance Cameras Like a Hollywood Hacker

888K views

36:30

World's Most Famous Hacker Kevin Mitnick & KnowBe4's Stu Sjouwerman Opening Keynote

858K views

11:30

Ghidra quickstart & tutorial: Solving a simple crackme

75K views

39:59

Writing Viruses for Fun, not Profit

303K views

16:26

Analysing a Firefox Malware browserassist.dll - FLARE-On 2018

169K views