Monthly Archives: April 2018

PowerShell encoding used for Emotet Downloader

I first ran across the SecureString usage in this twitter thread where  @Anyrun_app is talking about a version of “Fake Net” to get all of the C2’s here https://twitter.com/anyrun_app/status/966227622899351552 There are a few methods listed in this thread by different … Continue reading

Posted in Malware, PowerShell, Programming | Tagged , , | Leave a comment