Unknown malware via VBS fake eml file

Got a very strange one that I can’t quite work out. I received a submission via our system with the message that he had quite few “phishing” type emails with all the same link, but couldn’t get  anything. I tried the link from A UK BT dynamic IP address & got diverted to a payload. I then ran that payload through Anyrun which decoded the powershell script in the vbs file.  Anyrun couldn’t get any payload from that. I could however manually. And that is where I am stuck. I have run the final payload through anyrun which shows various Continue reading →

Read more https://myonlinesecurity.co.uk/unknown-malware-via-vbs-fake-eml-file/

Team Showcase