Overview
Some information about DealPly can be found here:
The post focuses on the following main sections:
- Unpack the wrapper/loader to get the main DLL payload.
- Decrypt the C2 URL and the strings used in the malware code.
Sample:
SHA-256: 40584f79d109a18b1c4ea7e75a945324978652b6afcc9efbe62241717f0b4685