I’m teaching FOR610[1] this week and today is dedicated to malicious web and document files. That’s a good opportunity to share with you a Windows Script that uses a nice obfuscation technique. The attacker’s idea is to use a big array containing the second stage payload and interesting strings:
Article Link: https://isc.sans.edu/diary/rss/26320