obfuscation – Page 12 – WindowsTechs.com

[SANS ISC] Sandbox Detection Tricks & Nice Obfuscation in a Single VBScript

Posted on February 7, 2020 by Xavier

I published the following diary on isc.sans.edu: “Sandbox Detection Tricks & Nice Obfuscation in a Single VBScript“: I found an interesting VBScript sample that is a perfect textbook case for training or learning purposes. It implements a nice obfuscation technique as well as many classic sandbox detection mechanisms. The script

[The post [SANS ISC] Sandbox Detection Tricks & Nice Obfuscation in a Single VBScript has been first published on /dev/random]

Continue reading [SANS ISC] Sandbox Detection Tricks & Nice Obfuscation in a Single VBScript→

Base64 decode help [duplicate]

Posted on February 1, 2020 by Neo Son

I’m trying to decode the following

YX7hoO5Tl2FLaFlPNEcDJm4nx7l3CGw9pIdSFglrWyxWDa8peCCNal0hr95pWtEbygiOGWzfSzmO8Nc1gOnvFHWw==

One decoder said “Data is not a valid byteArray: [97,126,225,160,238,83…”
Another decoder said “a~SaKhYO4G&am… Continue reading Base64 decode help [duplicate]→

Help with decoding this? Base64 attack [closed]

Posted on January 31, 2020 by Neo Son

I’m trying to decode this attack. I know it’s attempting to send some kind of malicious command to the web server but I can’t figure out how to decode it. It’s like encoded more than once or something. I don’t know. I’ve looked around and … Continue reading Help with decoding this? Base64 attack [closed]→

Hacked Website Threat Report – 2019

Posted on January 28, 2020 by Rianna MacLeod

The threat landscape for website owners is constantly shifting on a regular basis — and it’s becoming increasingly more complex. As attackers continue to develop tools and find new vulnerabilities to massively exploit, our team works dilig… Continue reading Hacked Website Threat Report – 2019→

Are there any open-source metamorphic engines for AV evasion?

Posted on January 26, 2020 by chillsauce

I was wondering whether there were any open-source metamoprhic engines that can be used to transform binary code. What I am looking for are code transformation tools that do not use encryption, but rather add to or rearrange the existing c… Continue reading Are there any open-source metamorphic engines for AV evasion?→

[SANS ISC] Complex Obfuscation VS Simple Trick

Posted on January 23, 2020 by Xavier

I published the following diary on isc.sans.edu: “Complex Obfuscation VS Simple Trick“: Today, I would like to make a comparison between two techniques applied to malicious code to try to bypass AV detection. The Emotet malware family does not need to be presented. Very active for years, new waves of

[The post [SANS ISC] Complex Obfuscation VS Simple Trick has been first published on /dev/random]

Continue reading [SANS ISC] Complex Obfuscation VS Simple Trick→

Packaging Python code for github: should I obfuscate author email address from the `setup.py`?

Posted on January 13, 2020 by PlasmaBinturong

The standard file with packaging instructions (setup.py with setuptools) for Python contains an author_email field. Such a package can then be published to PyPI, but the code is also available publicly on github.

Am I unnece… Continue reading Packaging Python code for github: should I obfuscate author email address from the `setup.py`?→

Joker Android Malware Snowballs on Google Play

Posted on January 13, 2020 by Tara Seals

Google has removed 17,000 Joker-infested apps from the Play store to date. Continue reading Joker Android Malware Snowballs on Google Play→

Another Fake Google Domain: fonts.googlesapi.com

Posted on December 2, 2019 by Luke Leal

Our Remediation team lead Ben Martin recently found a fake Google domain that is pretty convincing to the naked eye.
The malicious domain was abusing the URL shortener service is.gd: shortened URLs were being injected into the posts table of the clien… Continue reading Another Fake Google Domain: fonts.googlesapi.com→

Black Friday/Cyber Monday Ecommerce Security Threats

Posted on November 25, 2019 by Luke Leal

With the end of November comes the height of the holiday shopping season — specifically Black Friday and Cyber Monday sales, which typically span the last calendar days of November into the first week of December.
As consumer behavior changes an… Continue reading Black Friday/Cyber Monday Ecommerce Security Threats→