Comments

fake receipt malspam delivers GandCrab ransomware via pdf dropping macro dropping exploit file — 1 Comment

  1. sct5 POC is here
    hxxps://media.defcon.org/DEF%20CON%2021/DEF%20CON%2021%20presentations/Joe%20Bialek/Extras/DEFCON-21-Invoke-ReflectivePEInjection.ps1.txt

    Search for function Invoke-GandCrab in sct5 to get base64 encoding.

Leave a Reply

Your email address will not be published. Required fields are marked *