MuddyWater APT Phishing Campaign Sample Download

Posted Under: PowerShell on Oct 13, 2018
MuddyWater is a relatively new APT that surfaced in 2017. It has focused mainly on governmental targets in Iraq and Saudi Arabia, according to past telemetry. However, the group behind MuddyWater has been known to target other countries in the Middle East, Europe and the US.

OilRig BONDUPDATER Malware Sample

Posted Under: PowerShell on Sep 19, 2018
OilRig, a threat actor known to be active since 2016, now uses a new threat vector, the BONDUPDATER malware. It targets Middle Eastern oil-producing countries. It uses spear-phishing email campaigns to propagate itself.

PowerPool Malware Sample

Posted Under: PowerShell on Sep 8, 2018
PowerPool malware exploits a 0-day vulnerability in Microsoft Windows 7 to 10. This 0-day vulnerability targets the Advanced Local Procedure Call (ALPC) and allows a non-admin user to gain administrative privileges.

Determine Installed PowerShell Engine Version

Posted Under: PowerShell on Aug 18, 2018
To check the currently installed version of PowerShell, use $PSVersionTable.PSVersion. If the PSVersion variable does not exist, then it is version 1.0, as it was available at that time.

Rozena Malware Sample Download

Posted Under: PowerShell on Jul 4, 2018
Rozena belongs to a growing family of fileless malware. Its executable is disguised with a Microsoft Office Word document icon that lures its victim into opening it. Upon execution, it creates a file in the Windows temporary folder with the filename Hi6kI7hcxZwUI.
© Tutorial Jinni