Article: Waiting for the C2 to Show Up, (Fri, Aug 20th) - published about 3 years ago.
Content: Keep this in mind: "Patience is key". Sometimes when you are working on a malware sample, you depend on online resources. I'm working on a classic case: a PowerShell script decodes then injects a shellcode into a process. There are plenty of tools that help you to have a good idea of a shellcode behavior (like scdbg[1]):
https://isc.sans.edu/diary/rss/27772
Published: 2021 08 20 06:42:46
Received: 2021 08 20 09:00:48
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities