all InfoSec news
MSIX With Heavily Obfuscated PowerShell Script, (Fri, Feb 9th)
Malware Analysis, News and Indicators - Latest topics malware.news
A few months ago, we saw waves of MSIX malicious packages[1] dropping malware once installed on victim’s computers. I started to hunt for such files and saw a big decrease in interesting hints. Today, my YARA rule triggered a new sample. Called “Rabby-Wallet.msix”, the file has a VT score of 8/58[2]
Article Link: https://isc.sans.edu/diary/rss/30636
1 post - 1 participant
big called computers file files hunt malicious malicious packages malware msix obfuscated packages powershell powershell script sample score script today victim wallet yara yara rule