From PowerShell to a Python Obfuscation Race! (Wed, Jan 29th)

Attackers like to mix multiple technologies to improve the deployment of their malicious code. I spotted a small script that drops Python malware. The file was submitted to VirusTotal and got a score of 2/60! [1] (SHA256: 96bb0777a8e9616bc9ca22ca207cf434a947a3e4286c051ed98ddd39147b3c4f). The script starts by downloading and opening a fake Garmin document through PowerShell:
