ch0ic3/MalwareSourceCode
1
0
Fork 0
mirror of https://github.com/vxunderground/MalwareSourceCode.git synced 2024-12-19 18:06:10 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update EmoCrash.ps1

Browse Source
This commit is contained in:
vxunderground 2021-12-16 12:12:06 -06:00 committed by GitHub
parent 3e669018dd
commit 028b7b44ca
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Other/EmoCrash.ps1
View File

@ -1,4 +1,4 @@
#TLP:GREEN - NOT FOR PUBLIC DISTRIBUTION, TOPIC IS NOT TO BE MENTIONED NOR PUBLISHED ABOUT IN ANY PUBLIC METHODS.
#UPDATE 2021 DEC 16TH. LOWERED TO TLP:WHITE
#Thanks to @cryptolaemus
https://twitter.com/Cryptolaemus1 and the various contributors of the Emotet Task Force/Working Group
#Emotet Innoculation Script [Quinnoculation]
@ -10,7 +10,7 @@ https://twitter.com/Cryptolaemus1 and the various contributors of the Emotet Tas
# Authors: James Quinn, Binary Defense
# Grabs the VolumeSerialNumbers and sets a registry key in Explorer with type= REG_BINARY and a value too large for Emotet to handle, overwriting the destination buffer,
#Which crashes emotet.
#UPDATE 2021 DEC 16TH. LOWERED TO TLP:WHITE
function GenerateData{
[byte[]]$string
@ -46,4 +46,4 @@ New-ItemProperty -Path $AKey -Name $x -Value ([byte[]]($data)) -PropertyType Bin
New-ItemProperty -Path $key -Name $x -Value ([byte[]]($data)) -PropertyType Binary
}
}