Florian Walther
Florian Walther
## Summary smp-server binary from the release page with BuildID cd99e16fec87f49fbfc352350b688e9f90f36e56 DOES work. smp-server binary from the DigitalOcean droplet with BuildID 9dcbeeef5875acc615c486a4c55be8b125592628 DOES NOT work. ## What i did I...
Thank you, your tool works great on a bunch of recent payloads. On the following samples it failed to extract RSA and/or IPS: 6383dd7c624ae6f922a8d3843c953fef1afa7d87d482a9b064391b1871c13998 698f326333fccb0050edabef63c386b6bb3ef2917460d9d2cd01466aca931410 6e55912b89e79469f6a0d8e73539998a1b1f9c44a676bcdf67ed167051e6b407 7b427a5d7cb28116f84cc2f5b850426275ad5a302f690dcf0b9eb74fd1700291 935b54ad81a8a1ba101d6b31e02b0ad74ec66ff09b98295bf3d50e1f377bb4cf ce864ad710f8e2c25e78acfa8d10d0599e572a67d0e3f42169a6a653b667975b eee0e0e3be71c4ad4e65e7f8a2f8a17dec0e7c68cd299297259b3fbb9f064b34...
i have added two new keys to the emotet_rsa_key.yar file. I called the new keys EmotetRSAKey5 and EmotetRSAKey6, in line with the existing naming scheme. EmotetRSAKey5 can be found e.g....