obfuscation – Page 11 – WindowsTechs.com

[SANS ISC] Malicious Excel With a Strong Obfuscation and Sandbox Evasion

Posted on April 24, 2020 by Xavier

I published the following diary on isc.sans.edu: “Malicious Excel With a Strong Obfuscation and Sandbox Evasion“: For a few weeks, we see a bunch of Excel documents spread in the wild with Macro V4. But VBA macros remain a classic way to drop the next stage of the attack on the

[The post [SANS ISC] Malicious Excel With a Strong Obfuscation and Sandbox Evasion has been first published on /dev/random]

Continue reading [SANS ISC] Malicious Excel With a Strong Obfuscation and Sandbox Evasion→

Obfuscated WordPress Malware Dropper

Posted on April 21, 2020 by Luke Leal

It goes without saying that evasive maneuvering is at the top of a hacker’s priority list. Most often, they try to evade detection by obfuscating their malicious code to make it unreadable to the naked eye.
In our recent post we demonstrated how… Continue reading Obfuscated WordPress Malware Dropper→

Web Skimmer with a Domain Name Generator

Posted on April 17, 2020 by Denis Sinegubko

Our security analyst Moe Obaid recently found yet another variation of a web skimmer script injected into a Magento database.
The malicious script loads the credit card stealing code from qr201346[.]pw and sends the stolen details to hxxps://gooogleta… Continue reading Web Skimmer with a Domain Name Generator→

Can someone decode this for me?

Posted on April 11, 2020 by Neo Son

I decoded some of the original traffic from hex and got the below output. I’m not sure how to decode it further. Any help? Thanks.

T=2020-04-10+13:27:30.758+PST&L=i&M=[g2tray]&N=22&X=6/A3eZDCME9jCLvH9D6cciMZAFUWx2xUayI+JAb… Continue reading Can someone decode this for me?→

Industry secure file format like .OFX Open Financial Exchange File [closed]

Posted on April 1, 2020 by tommy22

The .OFX Open Financial Exchange File is a file format created for financial data exchanges between financial institutions.

I was wondering if in the IT security realm, such a file format exists.

My goal would be to use and customize it … Continue reading Industry secure file format like .OFX Open Financial Exchange File [closed]→

Creating a fully undetectable Payload [closed]

Posted on March 30, 2020 by user230968

I’ve been looking into ethical hacking recently and I’ve been really struggling to create a truly fully undetectable payload that evades AV (Windows Defender I’m fine at avoiding.) I’ve tried various options (listed below) and none so far … Continue reading Creating a fully undetectable Payload [closed]→

How to deobfuscate malicious PHP code [duplicate]

Posted on March 28, 2020 by sqrroot

This is my first malware analyis, so apologies for my probably noob-like question.
I’m having a look at a website running an outdated version of Wordpress which was hacked. The Website runs on a shared hosting.

I managed to identify the … Continue reading How to deobfuscate malicious PHP code [duplicate]→

Is there any existing obfuscation scheme that makes cipher text indistinguishable from plain text? [migrated]

Posted on March 22, 2020 by zypA13510

Suppose a totalitarian government (in the name of anti-terrorism / protection of intellectual property):

has outlawed encryption itself – encryption is only approved for cases where the state has reviewed the design and made sure it can … Continue reading Is there any existing obfuscation scheme that makes cipher text indistinguishable from plain text? [migrated]→

Banking App With Sensitive Info In Plain Text

Posted on March 2, 2020 by Grafica

I have a car loan and wanted to make a payment through their website. To enroll for online payments, it asks for the last 4 numbers of my social security number, birth date and account number, but when I type those fields, it’s in plain te… Continue reading Banking App With Sensitive Info In Plain Text→

[SANS ISC] Simple but Efficient VBScript Obfuscation

Posted on February 22, 2020 by Xavier

I published the following diary on isc.sans.edu: “Simple but Efficient VBScript Obfuscation“: Today, it’s easy to guess if a piece of code is malicious or not. Many security solutions automatically detonate it into a sandbox by security solutions. This remains quick and (most of the time still) efficient to have a first

[The post [SANS ISC] Simple but Efficient VBScript Obfuscation has been first published on /dev/random]

Continue reading [SANS ISC] Simple but Efficient VBScript Obfuscation→