Powershell – Page 4 – Computer Security Articles

Malware analysis: decoding Emotet, part 2

June 7, 2018 admin code analysis, downloader, emotet, encryption, malware, Powershell, Threat analysis

Credit to Author: Vishal Thakur| Date: Thu, 07 Jun 2018 15:00:00 +0000

In part two of our series on decoding Emotet, we analyze the PowerShell code flow and structure. We also reconstruct the command-line arguments—for fun!

Categories:

Tags: code analysis downloader emotet encryption powershell

(Read more…)

The post Malware analysis: decoding Emotet, part 2 appeared first on Malwarebytes Labs.

Microsoft Security

Now you see me: Exposing fileless malware

January 24, 2018 admin cybersecurity, fileless malware, malware research, Powershell, Reflective DLL loading, research, script-based attacks, Windows 10, Windows 10 S, Windows Defender Antivirus, Windows Defender ATP, Windows Defender AV, Windows Defender Exploit Guard

Credit to Author: Windows Defender ATP| Date: Wed, 24 Jan 2018 14:00:21 +0000

Attackers are determined to circumvent security defenses using increasingly sophisticated techniques. Fileless malware boosts the stealth and effectiveness of an attack, and two of last years major ransomware outbreaks (Petya and WannaCry) used fileless techniques as part of their kill chains. The idea behind fileless malware is simple: If tools already exist on a device

Microsoft Security

Windows Defender ATP machine learning and AMSI: Unearthing script-based attacks that ‘live off the land’

January 16, 2018 admin Antimalware Scan Interface (AMSI), Antivirus, antivirus software, Cloud Computing, cybersecurity, Fall Creators Update, fileless malware, in-memory attacks, Intelligent Security Graph, machine learning, Next-gen antivirus, Powershell, script-based attacks, Security Intelligence, Security Response, Windows 10, Windows Defender Antivirus, Windows Defender ATP, Windows Defender AV, Windows Defender Exploit Guard

Credit to Author: Windows Defender ATP| Date: Mon, 04 Dec 2017 14:00:07 +0000

Scripts are becoming the weapon of choice of sophisticated activity groups responsible for targeted attacks as well as malware authors who indiscriminately deploy commodity threats. Scripting engines such as JavaScript, VBScript, and PowerShell offer tremendous benefits to attackers. They run through legitimate processes and are perfect tools for living off the landstaying away from the

MalwareBytes Security

Elaborate scripting-fu used in espionage attack against Saudi Arabia Government entity

September 27, 2017 admin espionage, goverment, macro, malware, Microsoft Word, Powershell, saudi arabia, scripting, Threat analysis, Trojan

Credit to Author: Malwarebytes Labs| Date: Wed, 27 Sep 2017 01:06:51 +0000

In this post, we take apart a clever set of scripts used in a targeted attack against the government of Saudi Arabia.

Categories:

Tags: espionage goverment macro microsoft word powershell saudi arabia scripting trojan

MalwareBytes Security

Elaborate scripting-fu used in espionage attack against Saudi Arabia Government

September 27, 2017 admin espionage, goverment, macro, malware, Microsoft Word, Powershell, saudi arabia, scripting, Threat analysis, Trojan

Credit to Author: Malwarebytes Labs| Date: Wed, 27 Sep 2017 01:06:51 +0000

In this post, we take apart a clever set of scripts used in a targeted attack against the government of Saudi Arabia.

Categories:

Tags: espionage goverment macro microsoft word powershell saudi arabia scripting trojan

MalwareBytes Security

Learning PowerShell: basic programs

August 4, 2017 admin 101, certificates, How-tos, Pieter Arntz, Powershell, program, script

Credit to Author: Pieter Arntz| Date: Fri, 04 Aug 2017 18:00:35 +0000

In this last part of the short series about the basics of PowerShell we assemble a small script from scratch and explain how it works.

Categories:

Tags: certificates Pieter Arntz powershell program script

(Read more…)

The post Learning PowerShell: basic programs appeared first on Malwarebytes Labs.

MalwareBytes Security

Learning PowerShell: some basic commands

August 1, 2017 admin 101, certificates, commands, How-tos, Pieter Arntz, Powershell, Trojan, Vonteera

Credit to Author: Pieter Arntz| Date: Tue, 01 Aug 2017 15:00:12 +0000

We are going to construct some basic Powershell commands and explain how they work just to show you how useful Powershell can be. For good and for bad.

Categories:

Tags: certificates commands Pieter Arntz powershell trojan Vonteera

(Read more…)

The post Learning PowerShell: some basic commands appeared first on Malwarebytes Labs.

MalwareBytes Security

A week in security (July 10 – July 16)

July 17, 2017 admin a week in security, EternalPetya, malware, news, Petya, Powershell, ransomware, roundup, Security, Security world, Week in security

Credit to Author: Malwarebytes Labs| Date: Mon, 17 Jul 2017 19:43:31 +0000

A compilation of security news and blog posts from the 10th of July to the 16th. We go over our PowerShell, an overview of the Petya ransomware family, and more.

Categories:

Tags: a week in security EternalPetya malware news petya powershell ransomware roundup security

(Read more…)

The post A week in security (July 10 – July 16) appeared first on Malwarebytes Labs.