Introduction Last week I came across an interesting email address with an Excel Spreadsheet attachment: There was no content in this email other than FYI and regards. The sender of
Month: July 2020
Analysis and Deobfuscation of Malicious VBScript URSnif DropperAnalysis and Deobfuscation of Malicious VBScript URSnif Dropper
Introduction On June 25, 2020 I came across the following Tweet posted by @ps66uk emails have an originating IP of 165.138.96.21 WHOIS: Indiana Department of Education@EducateIN pic.twitter.com/6MNjTOmQZz — ps66uk (@ps66uk)