Unpacking Emotet / Geodo (Stage 1) Using x64dbg - Subscriber Request
Open Analysis Live! We use x64dbg to unpack a new Emotet / Geodo malware (Stage 1). This was a subscriber request asking us to determine how this was packed.
-----
OALABS DISCORD
https://discord.gg/6h5Bh5AMDU
OALABS PATREON
https://www.patreon.com/oalabs
OALABS TIP JAR
https://ko-fi.com/oalabs
OALABS GITHUB
https://github.com/OALabs
UNPACME - AUTOMATED MALWARE UNPACKING
https://www.unpac.me/#/
-----
Packed sample:
Sha256:
c41cbad1ee87b9156c389962608cf25570ca176903b299cb3415f3fc3a23ebbe
https://malshare.com/sample.php?action=detail&hash=90c2c10001134ab2a1cc87ec4382b197
x64dbg:
https://x64dbg.com/#start
PE-bear:
https://hshrzd.wordpress.com/pe-bear/
PyIATRebuild:
https://github.com/OALabs/PyIATRebuild
Unpacked (stage 1):
c3f43896913c17f91c0d95924ac426e89928b8eef93da7dc107a7a0891c7a860
https://malshare.com/sample.php?action=detail&hash=01e0cf87ee2e22ff40e648aa82409ce4
Feedback, questions, and suggestions are always welcome : )
Sergei https://twitter.com/herrcore
Sean https://twitter.com/seanmw
As always check out our tools, tutorials, and more content over at http://www.openanalysis.net
Видео Unpacking Emotet / Geodo (Stage 1) Using x64dbg - Subscriber Request канала OALabs
-----
OALABS DISCORD
https://discord.gg/6h5Bh5AMDU
OALABS PATREON
https://www.patreon.com/oalabs
OALABS TIP JAR
https://ko-fi.com/oalabs
OALABS GITHUB
https://github.com/OALabs
UNPACME - AUTOMATED MALWARE UNPACKING
https://www.unpac.me/#/
-----
Packed sample:
Sha256:
c41cbad1ee87b9156c389962608cf25570ca176903b299cb3415f3fc3a23ebbe
https://malshare.com/sample.php?action=detail&hash=90c2c10001134ab2a1cc87ec4382b197
x64dbg:
https://x64dbg.com/#start
PE-bear:
https://hshrzd.wordpress.com/pe-bear/
PyIATRebuild:
https://github.com/OALabs/PyIATRebuild
Unpacked (stage 1):
c3f43896913c17f91c0d95924ac426e89928b8eef93da7dc107a7a0891c7a860
https://malshare.com/sample.php?action=detail&hash=01e0cf87ee2e22ff40e648aa82409ce4
Feedback, questions, and suggestions are always welcome : )
Sergei https://twitter.com/herrcore
Sean https://twitter.com/seanmw
As always check out our tools, tutorials, and more content over at http://www.openanalysis.net
Видео Unpacking Emotet / Geodo (Stage 1) Using x64dbg - Subscriber Request канала OALabs
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
Unpacking and Extracting TrickBot Malware Configuration With x64dbg and Python
Reversing Malicious Office Document (Macro) Emotet(?)
Unpacking Gootkit Malware With IDA Pro and X64dbg - Subscriber Request
How Do Packers Work - Reverse Engineering "FUD" Aegis Crypter
Unpacking Process Injection Malware With IDA PRO (Part 1)
Getting Started with Base64 Encoding and Decoding & automation with bash
Emotet Malware Analysis: Unpacking and Reversing Malicious Document
The World's Worst Botnet Just Got Stronger![Control Flow Flattening Obfuscation Explained Practically [ Twitch Clip ]](https://i.ytimg.com/vi/SulC2l1Dvbo/default.jpg)
Control Flow Flattening Obfuscation Explained Practically [ Twitch Clip ]
Wireshark - Malware traffic Analysis
Unpacking GlobeImposter Ransomware With x32dbg
How to crack Bigasoft Total Video Converter and remove the trial limitations using x64dbg
Fast Malware Unpacking With CryptDecrypt and RtlDecompressBuffer
Unpacking Redaman Malware & Basics of Self-Injection Packers - ft. OALabs
How To Defeat Anti-VM and Anti-Debug Packers With IDA Pro
Malware Analysis - Heodo - Emotet v4 - Microsoft Word Macro
Dumpulator - Using Binary Emulation To Automate Reverse Engineering
Emotet Malware Analysis - Part 1 - Deobfuscating VBS code
x64dbg: How to find caller of function