Introduction Last week I came across an interesting email address with an Excel Spreadsheet attachment: There was no content in this email other than FYI and regards. The sender of
Analysis and Deobfuscation of Malicious VBScript URSnif DropperAnalysis and Deobfuscation of Malicious VBScript URSnif Dropper
Introduction On June 25, 2020 I came across the following Tweet posted by @ps66uk emails have an originating IP of 165.138.96.21 WHOIS: Indiana Department of Education@EducateIN pic.twitter.com/6MNjTOmQZz — ps66uk (@ps66uk)