Analyzing Emotet with Ghidra — Part 1
Tags
attack-pattern: Malware - T1587.001 Malware - T1588.001 Python - T1059.006 Tool - T1588.002 Scripting - T1064 Scripting
Show in Graph
Common Information
Type Value
UUID c45ca231-d40a-422a-aebe-ddc6fe71de8b
Fingerprint aa03b8622df5871e
Analysis status DONE
Considered CTI value 0
Text language
Published April 22, 2019, 11:36 p.m.
Added to db Sept. 26, 2022, 9:30 a.m.
Last updated Nov. 18, 2024, 11:24 a.m.
Headline Analyzing Emotet with Ghidra — Part 1
Title Analyzing Emotet with Ghidra — Part 1
Detected Hints/Tags/Attributes 19/1/9
Source URLs
Redirection Url
Details Source https://medium.com/@0xd0cf11e/analyzing-emotet-with-ghidra-part-1-4da71a5c8d69
URL Provider
Details Provider Source level domain
Details medium.com medium.com
Attributes
Details Type #Events CTI Value
Details Domain 8 
ghidra-sre.org
Details Domain 454 
www.google.com
Details Domain 4131 
github.com
Details File 1 
ghidra_emotet_decode_strings.py
Details Github username 1 
0xd0cf11e
Details sha256 1 
ee0a206415cce60f8b3afb29d8c17f86fe1923cbdf69812be139a3012b2fa24b
Details Url 7 
https://ghidra-sre.org
Details Url 1 
https://www.google.com/search?q=emotet
Details Url 1 
https://github.com/0xd0cf11e/ghidra/blob/master/ghidra_emotet_decode_strings.py