Tag: threat research

Deobfuscating PowerShell Code Using Sublime Text

When we think of malware analysis, especially when it comes to the analysis of malicious scripts, we generally don’t think of our noble text editors of anything but… well, text editors. While there are many ways of deobfuscating PowerShell and…

February 14, 2024
Reordered Format String Deobfuscator

This script simply deobfuscates obfuscated PowerShell files or commands which leverage “Format String Reordering” in order to hide its original code. For more information on this obfuscation technique, see: https://www.securonix.com/blog/hiding-the-powershell-execution-flow/ The script has the ability to deobfuscate format strings in an…

February 13, 2024

Deobfuscating PowerShell Code Using Sublime Text