Welcome to our

Cyber Security News Aggregator

.

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.

[SANS ISC] Deobfuscation of Malware Delivered Through a .bat File

published on 2023-07-20 08:40:01 UTC by Xavier
Content:

Today, I published the following diary on isc.sans.edu: “Deobfuscation of Malware Delivered Through a .bat File“:

I found a phishing email that delivered a RAR archive (password protected). Inside the archive, there was a simple .bat file (SHA256: 57ebd5a707eb69dd719d461e1fbd14f98a42c6c3dcb8505e4669c55762810e70) with the following name: “SRI DISTRITAL – DPTO DE COBRO -SRI Informa-Deuda pendiente.bat”. Its current VT score is only 1/59!

Let’s have a look at this file! After the classic “@echo off”, there is a very long line that looks like a payload, it starts with “::”, a comment in .bat files (a common alternative to the REM command)… [Read more]

The post [SANS ISC] Deobfuscation of Malware Delivered Through a .bat File appeared first on /dev/random.

Article: [SANS ISC] Deobfuscation of Malware Delivered Through a .bat File - published over 1 year ago.

https://blog.rootshell.be/2023/07/20/sans-isc-deobfuscation-of-malware-delivered-through-a-bat-file/   
Published: 2023 07 20 08:40:01
Received: 2023 07 20 09:20:33
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security
Views: 1

Custom HTML Block

Click to Open Code Editor