SANS ISC

[SANS ISC] Malicious Powershell using a Decoy Picture

I published the following diary on isc.sans.edu: “Malicious Powershell using a Decoy Picture“:

I found another interesting piece of malicious Powershell while hunting. The file size is 1.3MB and most of the file is a PE file Base64 encoded. You can immediately detect it by checking the first characters of the string… [Read more]

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.