[SANS ISC] PowerShell Sample Extracting Payload From SSL

I published the following diary on isc.sans.edu: “PowerShell Sample Extracting Payload From SSL“:

Another diary, another technique to fetch a malicious payload and execute it on the victim host. I spotted this piece of Powershell code this morning while reviewing my hunting results. It implements a very interesting technique. As usual, all the code snippets below have been beautified. First, it implements a function to reverse obfuscated strings… [Read more]

[The post [SANS ISC] PowerShell Sample Extracting Payload From SSL has been first published on /dev/random]

Article Link: https://blog.rootshell.be/2020/04/10/sans-isc-powershell-sample-extracting-payload-from-ssl/