all InfoSec news
A Batch File With Multiple Payloads, (Fri, Jan 26th)
Malware Analysis, News and Indicators - Latest topics malware.news
Windows batch files (.bat) are often seen by people as very simple but they can be pretty complex or… contain interesting encoded payloads! I found one that contains multiple payloads decoded and used by a Powershell process. The magic is behind how comments can be added to such files. The default (or very common way) is to use the “REM” keyword. But you can also use a double-colon:
Article Link: https://isc.sans.edu/diary/rss/30592
1 post - 1 participant
bat batch can comments default file files found magic people powershell process simple windows