Oh boy, how little did I know… (Re)discovery Well, I thought, even if the file turns out to be non-malicious, there must be a reason for it to be obfuscated. At the same time the file was obfuscated (based on a quick look at FLOSS output) and according to VirusTotal it was detected as “potentially malicious” by several antivirus products. NET binary located in a seemingly legitimate subdirectory under Program Files. Several weeks ago, during one of the investigations, I needed to triage a few potentially malicious Windows executables.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |