Deobfuscate PowerShell using PowerShell Logging
We will use the built-in PowerShell logging in a Windows 10 VM to deobfuscate PowerShell code used to deliver Emotet and Qakbot. Malware mostly uses PowerShell to download a payload from the C&C server and execute it.

Why do we need to do this?

Easy technique to deobfuscate PowerShell without using any external tool

Extract…