Paul Melson๐งตโ
Today's reverse engineering adventure begins when we find a suspicious file staged on paste[.]io. It's a PowerShell script that decodes a large base64 string to a file named "x.bat". Easy enough to decode, but that's just the beginning.
Today's reverse engineering adventure begins when we find a suspicious file staged on paste[.]io. It's a PowerShell script that decodes a large base64 string to a file named "x.bat". Easy enough to decode, but that's just the beginning.
Andrew ๐ป Brandt ๐