I published the following diary on isc.sans.edu: “Simple Mimikatz & RDPWrapper Dropper“:
Let’s review a malware sample that I spotted a few days ago. I found it interesting because it’s not using deep techniques to infect its victims. The initial sample is a malicious VBScript. For a few weeks, I started to hunt for more Powershell based on encoded directives. The following regular expression matched on the file… [Read more]
[The post [SANS ISC] Simple Mimikatz & RDPWrapper Dropper has been first published on /dev/random]