all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Bypassing PowerShell Strong Obfuscation, (Thu, Mar 30th)

Add to bookmarks
March 30, 2023, 8:05 a.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

Yesterday, I found a malicious PowerShell script that was heavily obfuscated. The filename is “B0A4.ps1"[1] (SHA256:b4814c8db16ecdd7904e81186715bf2a4b4ba28ef5853a41a8f59824f47f8f24), reported with a very low score on VirusTotal: 6/58. The file size is abnormal for a script like this (496KB). A first look at it reveals that it has been strongly obfuscated:


Article Link: https://isc.sans.edu/diary/rss/29692


1 post - 1 participant


Read full topic

bypassing file filename low malicious obfuscated obfuscation powershell powershell script score script sha256 size virustotal

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Protecting yourself after a medical data breach – Week in security with Tony Anscombe 44 minutes ago | malware.news
breach consequences data data breach +12
$2,063 Bounty Awarded for Privilege Escalation Vulnerability Patched in User Registration WordPress Plugin 49 minutes ago | malware.news
bounty bug bug bounty disclosure +16
LabHost phishing service dismantled in international crackdown 59 minutes ago | malware.news
arrests article as-a-service canada +25
Attacks with CryptoChameleon phishing kit target LastPass users 59 minutes ago | malware.news
article assets attack attacks +18
Cyberattack disrupts Frontier Communications 59 minutes ago | malware.news
article bleepingcomputer communications compromised +12
Octopharma Plasma's US operations shut down due to suspected ransomware attack 59 minutes ago | malware.news
article attack centers donation +9
French hospital impacted by cyberattack 59 minutes ago | malware.news
article bleepingcomputer computers cyberattack +10
Attacks against SAP apps on the rise 59 minutes ago | malware.news
apps article attacks cloud +14
More data broker regulation needed in draft privacy bill 59 minutes ago | malware.news
act american american privacy rights act bill +21

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Security Engineer, Incident Response

@ Databricks | Remote - Netherlands
View on infosec-jobs.com

Associate Vulnerability Engineer - Mid-Atlantic region (Part-Time)

@ GuidePoint Security LLC | Remote in VA, MD, PA, NC, DE, NJ, or DC
View on infosec-jobs.com

Data Security Architect

@ Accenture Federal Services | Washington, DC
View on infosec-jobs.com

Identity Security Administrator

@ SailPoint | Pune, India
View on infosec-jobs.com
View more jobs