neonprimetime security , just trying to help
Friday, July 31, 2020
Ida Pro Python Save Dump Extract In Memory Unpacked Binary Bin
so i'm going to try in IDA hit SHIFT-F2, select python, type in this code filename = AskFile(1, "*.bin", "Output fil...
2 comments:
Wednesday, July 29, 2020
further into the emotet 1st level packer
emotet mfc https://app.any.run/tasks/585ddd5e-0dde-421f-8b8a-e7dbaf4f8c05/ 3F32E053657036D09C84D6DAD220EF50 my random notes on where i g...
1 comment:
Tuesday, July 28, 2020
emotet mfc using CreateDlgIndirect lpDialogFunc call-back
emotet mfc starting point notes, trying to figure out where the malicious code starts https://app.any.run/tasks/585ddd5e-0dde-421f-8b8a-e7d...
1 comment:
emotet api resolution, fs:30h, _PEB_LDR_DATA
just summarizing important parts in this great blog https://distributedcompute.com/2020/04/19/how-emotet-resolves-apis/ ----------- STE...
3 comments:
attempt at emotet api resolver
random scattered notes https://app.any.run/tasks/585ddd5e-0dde-421f-8b8a-e7dbaf4f8c05/ 3F32E053657036D09C84D6DAD220EF50 update: after-...
1 comment:
Thursday, July 16, 2020
IDA Pro Debug Load DLL export function, getting Error WerMgr fault
If you are trying to debug a DLL and getting a wermgr fault using IDA it may be because you are using the WRONG version of rundll32.exe th...
1 comment: