I published the following diary on isc.sans.edu: “From VBS, PowerShell, C Sharp, Process Hollowing to RAT“: VBS files are interesting to deliver malicious content to a victim’s computer because they look like simple text files. I found an interesting sample that behaves like a dropper. But it looks also like Russian
![](https://blog.rootshell.be/wp-content/uploads/2020/05/isc-featured-image.jpg)