Overview
Learn how to identify and analyze a real DocuSign sponsorship scam attempt in this cybersecurity analysis video. Follow along as a malicious sponsorship offer is dissected, revealing common red flags and demonstrating professional malware analysis techniques using tools like VirusTotal and App.Any.Run. Explore the anatomy of the attack through a virtual machine setup, examine suspicious domain characteristics, analyze malware behavior in a sandbox environment, and understand the complete attack chain from initial contact to attempted malware delivery. Gain practical knowledge about cybersecurity tools, safe browsing practices, and malware analysis methodologies while seeing firsthand how cybercriminals attempt to exploit legitimate business processes through DocuSign impersonation.
Syllabus
0:00 Intro
0:16 How the scam started: red flags
1:14 Malicious "DocuSign" link
1:42 Checking the URL with VirusTotal
2:16 Suspicious domain
2:42 Deep analysis with App.Any.Run
4:08 Access link in VM, proxied via Burp
4:53 Returning to the hacker convo
5:45 Safebrowsing with App.Any.Run
6:47 Triggering the malware download
7:40 Checking the new URL with VT
8:01 Uploading the binary to VT
10:02 Malware behaviour sandbox analysis
10:50 Conclusion
Taught by
CryptoCat