I published the following diary on isc.sans.org: “Some Powershell Malicious Code“.
Powershell is a great language that can interact at a low-level with Microsoft Windows. While hunting, I found a nice piece of Powershell code. After some deeper checks, it appeared that the code was not brand new but it remains interesting to learn how a malware infects (or not) a computer and tries to collect interesting data from the victim… [Read more]
[The post [SANS ISC] Some Powershell Malicious Code has been first published on /dev/random]
Article Link: https://blog.rootshell.be/2017/10/31/sans-isc-powershell-malicious-code/