From Highly Obfuscated Batch File to XWorm and Redline (Mon, Aug 26th)

If you follow my diaries, you probably already know that one of my favorite topics around malware is obfuscation. I'm often impressed by the crazy techniques attackers use to make reverse engineers' lives more difficult. Last week, I spotted a file called "crypted.bat" (SHA256: 453c017e02e6ce747d605081ad78bf210b3d0004a056d1f65dd1f21c9bf13a9a) which is detected by no antivirus according to VT[1]. It deserved to be investigated!
