MALWARE ANALYSIS - VBScript Decoding & Deobfuscating

To quiet a few annoying trolls, in this video I mistakenly said "I can't run a VBScript file because I'm running Windows right now". If I were on Windows, I could certainly execute the VBScript. I should have said "I'm running Linux" because I am clearly using Linux for this showcase. (You can still partially run VBScript code with Wine on Linux, but your mileage may vary)

thank you for struggling with regular expressions. I always feel like an idiot when I can't get them to do what I want the first time.

Can you dissect some malware that I may have accidentally ran on my computer and I don’t know what has happened it’s the GitHub repo for Luna grabbed by smug246 I want to know what it might have done I have changed all my passwords and invalidated all my cookies but would like to know who is responsible thanks

Where can I get the sample????

I almost slept while cleaning tangent variables, but I swear this video is amazing, do people get paid for doing this?

As me being a malware analyst, it’s definitely hard if you don’t know how to hack into the malicious content and try and hack the hacker from actually hacking other peoples malware softwares, emails, data, even ip address. I recommend being careful if your not a malware analyst or don’t know anything about malware analysis

i spent years making a rat and it got so advanced at the end i had nothing to do with it. idk how useful they are today since antiviruses are strong now i think

Straight up hero. Finds a random script then cleans it up and updates to publish

COOL!!!! More malware analyse plz!!!!!!!

All to nonsense typ...

Good thing you are not swedish because computer keys are called "tangent(s)" in Swedish and coding would involve a heck of a lot of tangents then XD

Omfg this is like the gamer and/or techie version of solving sudoku puzzles and I love it!

function + tit

What's your top or mostly used tools for ransomware analysis?

So that’s why we need tangent 🧐

Ya know John , I am definitely Entertained, & Great Imagination/0

Was going to use this to fall asleep but ended up watching the whole thing

Nicely done 👍🏽

Thanks can we do more of these like other people said you are good to watch and learn from as your train of thought is excellent and educational.

maybe we need an episode on how to prevent VBS scripts from Silent Running in the background without permission to prevent this kind of Rats

Really cool video.

This malware is the definition of "baffle them with bullshit"

John you idiot that is musical effects

I liked the way the author changed the source code text to ASCII numbers. Nice puzzle.

The lines dealing with the tangent function call is a literal tangent it put you on.

Damn this content of you looking at malware is f’ing classic

I have no earthly idea why you don't use VSCode instead of googling broken online beautifiers and whatever the hell else.

this man deserves 10M subs.

Great tutorial and thanks for providing this amazing crack)))

This tutorial is amazing and you are really good at teaching !! great job sir !

amazing. thx a lot. never saw that kind of analysis. would be cool if you could make an own section for different executeable stuff

TNice tutorials was great! the way you explain tNice tutorialngs and repeating it really helps. thanks for the tutorial!

It worked. I'm not a bot and this is my second time downloading it to a separate PC. Also his other video for AI works too

Loooooool its working xd

"HAaaAA" - John Hammond, 2021

thanks, downloaded, all works!

thanks, downloaded, all works!

no age restriction to make art!

Türkce dil icin egi gecenlere tesekürler.

How DO YOU OPEN A setup ALL OF THE TUTORIALS START WITH A setup

🐲4⃣️

the hell how did you get malware from the vbe decoder script i thought you were just examining the process of the decoder ??

Watching this video brought me back to my days of studying for the OSCP. I enjoyed this a lot more than I thought I would.

Can you stick the code in Cyber Chef to deobfuscate it?

Bro this is the exact same fucking thing I've been dealing with it comes up as a windows fucking update and it fucking tells me I need it .Look into windows 11 and how it pops up under actual windows updates it makes your start file go away for windows The only way you can fix these stupid fucking things is reinstalling fucking windows or having image backup backup or just resetting to a prior date hopefully it's not the date that it got put on it's honesty hell I'm sick of losing my data

got any pointers for building Linux machine? i see ya using that ...my pc i got now is currently bitlocked to windows 11...so was gonna build new one for just only Linux....i can record this if needed for example....happens tome to time....why i never fuckin update shit for windows

UBound gets the index of the upper portion of an array in the given dimension, where lbound gets the lower portion of an array in the given dimension.

Excecute order 66 on that malware lol