I published the following diary on isc.sans.edu: “Basic Obfuscation With Permissive Languages”:
For attackers, obfuscation is key to keeping their malicious code below the radar. Code is obfuscated for two main reasons: to defeat automatic detection by AV solutions or tools like YARA (which still rely mainly on signatures) and to make the code difficult for a security analyst to read and understand…