SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

ISC StormCast for Tuesday, March 28th, 2023

SANS ISC Handlers

Tech News, News, Technology

🗓️ 28 March 2023

⏱️ 5 minutes

Summary

Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. Reversing HTA Files Part 1; Apple Patches; New MacStealer

Transcript

0:00.0

Hello and welcome to the Tuesday, March 28, 2023,

0:04.6

edition of the SANS Internet Storm Center's Stormcast.

0:09.0

My name is Johannes Ullrich, and I'm recording from Jacksonville, Florida.

0:15.1

For everybody out there enjoying malware reverse engineering, Didier

0:19.5

today started a nice series of

0:23.2

diaries looking into

0:25.3

reverse engineering

0:26.8

HTA files.

0:28.6

HTA, these are

0:29.7

HTML applications.

0:32.1

It's essentially sort of

0:33.2

HTML, JavaScript and such,

0:35.8

bundled together,

0:41.6

very often used then by ransomware and such.

0:46.9

I've seen it, for example, where you receive a zip file. Once you unzip it, you get that

0:53.8

.hta file that then, when you double-click it, does additional malicious things, basically triggered by JavaScript.

0:56.3

So today's diary is mostly about how do we de-obfuscate this JavaScript part to basically

1:01.9

figure out what's next.

1:04.3

The next part is then, well, some other scripting language like, in this case, PowerShell or

1:09.9

other tools to download and run additional

1:13.0

malicious code. Pretty neat diary to get you started with, and of course, Didier has all the tools

1:20.7

for you in order to make reverse analysis pretty easy. And Apple today updated, well, pretty much everything.

...

Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.