SANS ISC

[SANS ISC] Malicious PowerShell Compiling C# Code on the Fly

I published the following diary on isc.sans.edu: “Malicious PowerShell Compiling C# Code on the Fly“:

What I like when hunting is to discover how attackers are creative to find new ways to infect their victim’s computers. I came across a Powershell sample that looked new and interesting to me. First, let’s deobfuscate the classic way.

It started with a simple Powerscript command with a big Base64 encoded string… [Read more]

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.