SANS ISC

[SANS ISC] Malicious Script Leaking Data via FTP

I published the following diary on isc.sans.edu: “Malicious Script Leaking Data via FTP”:

The last day of 2018, I found an interesting Windows cmd script which was uploaded from India (SHA256: dff5fe50aae9268ae43b76729e7bb966ff4ab2be1bd940515cbfc0f0ac6b65ef) with a very low VT score. The script is not obfuscated and contains a long list of commands based on standard Windows tools. Here are some examples… [Read more]

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.