In this video I cover two methods of unpacking a sample of Emotet malware using x32dbg. I explain process injection, some common API calls used by the malware to unpack itself, how to set breakpoints, and ultimately how to identify the unpacked code and dump a clean executable for further analysis.
MD5: f3f48c57c38bff2ddd220f20569e1ee6
Sample can be downloaded from app.any.run/
#8 How to Manually Unpack Malware