Tag Archives: Decoding

De-obfuscating a PowerShell Script Obfuscated by Invoke-Obfuscation

Here I will try to take a deep dive into how the obfuscation works and what is required to de-obfuscate it. This sample comes from @James_inthe_box, posted here https://twitter.com/James_inthe_box/status/928644055054946305 on November 9th, 2017. Here is the link to the “pastebin” of …

Posted in Malware, security

Not A DerbyCon Talk part #1

This will be the first in a series (1 of x) that I was hoping to stuff into a 30-minute talk at DerbyCon 2017. In hindsight it would be better suited as an informal training session where questions …

Posted in Malware, security

Extracting and decoding malicious macros

The sample used here is from the video by Karsten Hahn (@struppigel). If you have not seen any of his videos before, I would highly recommend checking them out. The video can be found here: https://youtu.be/SCJVW1E8dFA The sample can be …

Posted in Malware, security

Decoding Java Script Walk Thru

This is from a request by Herbie Zimmerman (@HerbieZimmerman) to show how my decoding process works, using a script found on Payload Security by My Online Security (@dvk01uk). (Twitter link to conversation: https://twitter.com/Ledtech3/status/894672552341229568) Link to file download on Payload …

Posted in Malware, security

Decoding Angler Exploit Kit

After my last post, “Some data on Angler Exploit Kit”, I received a request to write up a tutorial on decoding the Angler EK. The question is where to start? Since they seem to be on vacation or …

Posted in Malware, Programming, security