ch0ic3/MalwareSourceCode
1
0
Fork 0
mirror of https://github.com/vxunderground/MalwareSourceCode.git synced 2024-12-20 02:16:09 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update EmoCrash.ps1

Browse Source
This commit is contained in:
vxunderground 2021-12-16 12:12:06 -06:00 committed by GitHub
parent 3e669018dd
commit 028b7b44ca
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Other/EmoCrash.ps1
View File

@ -1,4 +1,4 @@
#TLP:GREEN - NOT FOR PUBLIC DISTRIBUTION, TOPIC IS NOT TO BE MENTIONED NOR PUBLISHED ABOUT IN ANY PUBLIC METHODS. #UPDATE 2021 DEC 16TH. LOWERED TO TLP:WHITE
#Thanks to @cryptolaemus #Thanks to @cryptolaemus
https://twitter.com/Cryptolaemus1 and the various contributors of the Emotet Task Force/Working Group https://twitter.com/Cryptolaemus1 and the various contributors of the Emotet Task Force/Working Group
#Emotet Innoculation Script [Quinnoculation] #Emotet Innoculation Script [Quinnoculation]
@ -10,7 +10,7 @@ https://twitter.com/Cryptolaemus1 and the various contributors of the Emotet Tas
# Authors: James Quinn, Binary Defense # Authors: James Quinn, Binary Defense
# Grabs the VolumeSerialNumbers and sets a registry key in Explorer with type= REG_BINARY and a value too large for Emotet to handle, overwriting the destination buffer, # Grabs the VolumeSerialNumbers and sets a registry key in Explorer with type= REG_BINARY and a value too large for Emotet to handle, overwriting the destination buffer,
#Which crashes emotet. #Which crashes emotet.
#UPDATE 2021 DEC 16TH. LOWERED TO TLP:WHITE
function GenerateData{ function GenerateData{
[byte[]]$string [byte[]]$string