
NexusFuzzy/Edison


Tool to decrypt encrypted strings in AgentTesla version 2 and 3

Usage: eddy.exe TeslaSample.exe Output.txt <Version (Can be 2, 3 or 0 for Auto-Detect)>


If you are not interested in compiling it yourself, just grab the binary from bin/debug! Please note that most samples are packed, so you need the dumped sample before you can use this tool. You may use HollowsHunter to dump it.

It should be clear, but this tool invokes (calls) methods of AgentTesla to extract strings. It is therefore strongly advised to run this tool within a secure virtual environment!

Another approach which might be cool is described here:

https://medium.com/@irshaduetian/decrypting-obfuscated-net-malware-strings-using-de4dot-emulation-6614c5a03dab
