In the second video of the “Reversing WannaCry” series we continue to dive into the malware and find some encrypted components and the first traces of the decryption & encryption functionality of the ransomware. We also learn how to use OOAnalyzer to easily reverse engineer C++ code in Ghidra!
Part 1: https://www.youtube.com/watch?v=Sv8yu12y5zM
The scripts and Ghidra projects can be found here: https://github.com/ghidraninja/ReversingWannacry
Twitter: https://twitter.com/ghidraninja
Links:
– OOAnalyzer: https://insights.sei.cmu.edu/sei_blog/2019/07/using-ooanalyzer-to-reverse-engineer-object-oriented-code-with-ghidra.html
– My Ghidra Scripts: https://github.com/ghidraninja/ghidra_scripts

