I published the following diary on isc.sans.org: “Malicious Powershell Targeting UK Bank Customers”:
I found a very interesting sample thanks to my hunting rules… It is a PowerShell script that was uploaded on VT for the first time on the 16th of May from UK. The current VT score is still 0/59. The upload location is interesting because the script targets major UK bank customers as we will see below… [Read more]
[The post [SANS ISC] Malicious Powershell Targeting UK Bank Customers has been first published on /dev/random]
Article Link: https://blog.rootshell.be/2018/05/19/sans-isc-malicious-powershell-targeting-uk-bank-customers/