|
I created a video showing how to de-obfuscate a DOSfuscated PowerShell command obtained from a maldoc I analyzed in diary entry "De-DOSfuscation Example": This is the obfuscated command:
In the video, I rely mainly on my tool numbers-to-string to do the de-obfuscation.
Didier Stevens |
DidierStevens 639 Posts ISC Handler Dec 29th 2018 |
| Thread locked Subscribe |
Dec 29th 2018 3 years ago |
Sign Up for Free or Log In to start participating in the conversation!
https://www.sans.edu
