Invoke-DOSfuscation is a PowerShell v2.0+ compatible cmd.exe command obfuscation framework. (White paper: https://www.fireeye.com/blog/threat-research/2018/03/dosfuscation-exploring-obfuscation-and-detection-techniques.html) Over the past several years we witnessed a myriad of obfuscation and evasion techniques employed by several threatRead More →

Embedding a shortcut (.lnk file) which points to powershell (accompanied by an encoded command) in a word document or zip file is a known sneaky trick to spread malware. TheRead More →