Deciphering Obfuscated JavaScript Malware

Published 2024-04-09
Do you like solving programming puzzles? Want to uncover what a malicious attacker is actually trying to do with their code?

In this video, we manually deobfuscate and reverse engineer an obfuscated JavaScript file. We look at a malicious loader file that downloads and executes a secondary AsyncRAT payload. You can follow along with the video yourself by using the hash listed below!

---

File Hash: 978bf1471b3536dfdea854dd1c5d8ee63bdfbc8223c0254a92b183a711699a3a

---

Timestamps:
00:00 Intro to JavaScript Deobfuscation
06:03 Deeper Deobfuscation Techniques
12:02 Decoding Variables
18:00 Analyzing Obfuscated JS Function Calls
24:00 Uncovering Hidden Functionality
30:00 Reconstructing the Malicious Payload

---

LaurieWired Socials:
linktr.ee/lauriewired

---
Intro Music Courtesy of Analog Summer:
Cloud Reverie by Analog Summer

All Comments (21)
  • @bartekklusek5242
    This is not really my area of interest specifically, although I follow various computer related content. What actually shocked me, after watching several videos, is how orderly a mind this lady has. Absolutely smooth speaking about complicated topics. I envy that talent so much.
  • @christopher8641
    I'm a backend dev and have never dug into malware analysis, but this video made the process look pretty fun and rewarding. I guess it is just a big dangerous puzzle
  • @cusematt23
    holy effing sht. I literally just came across some heavily obfuscated js code that i am dying to reverse engineer and this vid came up. there is a god.
  • I'm a complete code mong, so I'm trying to "hang around" with smart people to soak up as much as I can - hence, why I'm here. Just to prove I was paying attention: 28:30 It looks like the integer returned was "1". You went back to the code and typed "0". Thanks for the walkthrough of what you're doing - Picked up a couple of tricks here.
  • @btd6vids
    These videos are really well made. I've tried to make educational content a few times before but never really landed on a good style or way to do things. You've inspired me to give it another shot
  • @nathaniellovely
    This channel is really phenomenal. Everything from the technical aspect and way you break everything down in a clear and precise manner, the way you articulate yourself clearly, the synthwave color schemes and background setup is epic… I love all the things! Favorite channel lately :-) You are very knowledgeable and talented and it shows. Thank you for sharing your knowledge!
  • @NatteeSetobol
    Nice, I was looking for a nice detailed video that goes through such an annoying obfuscation in JavaScript. Thanks!
  • The quality of these videos is just great, I'm not into JS at all, but it's well explained to follow along, nice! It all feels very much like security through obscurity, I predict this can be automated in the near future.
  • @TheChugnut
    Wow, just found your channel and I love it. Your presentation style is amazing!
  • @iss9280
    One of my new favorite channels! I love the old school Tech Tv/G4 vibe of your set.
  • @thediskostarz
    Awesome video Laurie, I learned a lot by watching your well explained videos. Thank you.
  • @nicogetz
    You've done a great job of presenting this in a clear way that makes an otherwise daunting endeavor make a lot more sense. Of course, your intuition about what the code is doing is a major factor, and that can only be developed with experience and persistence...
  • @plato4ek
    20:39 and other places: you don't need to write the "console.log", just the expression itself is okay.
  • @menegatmarcelo
    Laurie, your voice and way to explain is gorgeous!! New favorite channel! I'm a simple FE developer who loves non FE content :) Thank you for existing!
  • @svampius2448
    I love the content and aesthetics of your videos, definitely my favourite channel at the moment! Also, for some reason you make me think of squirrels, which is fantastic - a vaporwave squirrel.
  • @sshiiden
    You did a really good job with the style of your videos
  • @serpent77
    I haven't done this type of stuff in forever. Great video and a fun romp through reverse engineering malware. Great Job, you've earned a new subscriber!
  • @leoroux4712
    I didn't need this but the explanation was so clear I kept watching
  • @UliTroyo
    This was a lot of fun! What a cool breakdown.