The first part in this series can be found here. In the first part, we ended with a decoded PowerShell script. We will now start to decrypt the payload found inside this PowerShell script:
Article Link: https://isc.sans.edu/diary/rss/29676
The first part in this series can be found here. In the first part, we ended with a decoded PowerShell script. We will now start to decrypt the payload found inside this PowerShell script:
Article Link: https://isc.sans.edu/diary/rss/29676