Tinkering around with some at a client's today. Something they've been battling with for a while. I was thinking of doing a talk at @dallas_hackers but I think somebody covered almost exactly the same thing last night. PowerShell running PowerShell decoding base64 encoded DLLs and injecting into memory.

@j_angliss - Always good to see your specific methodology on how to reverse and analyze malware! Give a talk on it!

Sign in to participate in the conversation
Mastodon for Tech Folks

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!