Reversing in action: Golang malware used in the SolarWinds attack. Part 2




This video is a continuation of the newly launched bonus track in the Targeted Malware Reverse Engineering training course from Kaspersky GReAT’s Senior Security Researchers. One of the course authors, Ivan Kwiatkowski, explains how to analyze malware written in the Go language, using a Sunshuttle sample from the SolarWinds attack.
In part two, Ivan demonstrates a solution to the exercise shown in the first part of this tutorial. Then he continues reversing the Sunshuttle sample and shows its first communications with the C2 server.
To learn more from Ivan on Go malware analysis and 10 more real-life APT cases in several programming and scripting languages (C, .NET, Delphi, PowerShell, JavaScript, C++), enroll in the full course here: https://kas.pr/5v4d
Read a blog post about the Tomiris backdoor and its connection to Sunshuttle: https://kas.pr/6wbn

00:00 – Introduction
02:28 – Solution to exercise 1
03:29 – Reverse engineering Sunshuttle: Step 2

#KasperskyExpertTraining #TargetedMalware #MalwareAnalysis #ReverseEngineering #APT #KasperskyGReAT #ReversingWorkshop #GolangMalware #GoMalware #SolarWinds #Sunburst #Sunshuttle #Tomiris
