filmov
tv
Analyzing PowerShell Payloads - Part 4
Показать описание
Example 4: Obfuscated PowerShell payload and 64 bit shellcode analysis
Global Start
Start:
$Id = Get-Process example4 | Select Id ; Get-NetTCPConnection -OwningProcess $Id.Id
--
John Dwyer
--
Disclaimer: Samples shown in the video were pulled from open source intel locations and we don't recommend accessing the associated IPs or domains.
Global Start
Start:
$Id = Get-Process example4 | Select Id ; Get-NetTCPConnection -OwningProcess $Id.Id
--
John Dwyer
--
Disclaimer: Samples shown in the video were pulled from open source intel locations and we don't recommend accessing the associated IPs or domains.
0:07:32
0:07:32
0:08:15
0:06:50
0:17:38
0:09:26
0:06:50
0:08:04
0:08:15
0:10:45
0:17:38
0:09:26
0:08:04
0:10:45
0:13:22
0:16:11
0:07:38
0:39:09
0:26:42
0:01:19
0:13:40
0:01:38
0:25:23
0:05:10