platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.
First slide label
Some representative placeholder content for the first slide.
Second slide label
Some representative placeholder content for the second slide.
Third slide label
Some representative placeholder content for the third slide.
Fileless Powershell Dropper, (Mon, Oct 17th)
published on 2022-10-18 08:04:23 UTC by Content:
I found an interesting Powershell script that drops a malware on the victim's computer. The dropped malware is not new (It's kinda old, though) but the dropper has a very low Virustotal score. The script was detected by one of my hunting rules on VT. It is called "autopowershell.ps1" and has only a score of 3/61 (SHA256:3750576978bfd204c5ac42ee70fb5c21841899878bacc37151370d23e750f8c4)[1]. By "fileless", it means that the malware tries to reduce at the minimum interactions with the file system. But, to achieve persistence, it must write something on the disk. Most of the time, it's done through registry keys. That's what happens with this sample: