[SANS ISC] PowerShell Script with a builtin DLL

I published the following diary on isc.sans.edu: “PowerShell Script with a builtin DLL”:

Attackers are always trying to bypass antivirus detection by using new techniques to obfuscate their code. I recently found a bunch of scripts that encode part of their code in Base64. The code is decoded at execution time and processed via the ‘IEX’ command…
