Summary
Sample hash is: fc345d151b44639631fc6b88a979462dfba3aa5c281ee3a526c550359268c694
This write-up is divided into three parts:
- Grab the core Emotet DLL payload.
- Recover the API functions used by the core payload.
- Decrypt strings.