Summary
Sample hash is: fc345d151b44639631fc6b88a979462dfba3aa5c281ee3a526c550359268c694
This write-up of mine will be divided into three parts:
- Grab core Emotet Dll payload.
- Recover API functions that used by core payload.
- Decrypt strings
Archive for December 19, 2022
[Z2A]Bimonthly malware challege – Emotet (Back From the Dead)
Posted: December 19, 2022 in My Tutorials, [Z2A]Bimonthly malware challege - EmotetTags: AppCall, Emotet, IDA, Malware Analysis, ReverseEngineering, unpacking, x64dbg, Zero2Automated
4
0day in {REA_TEAM} 