Tag: threat research

  • Deobfuscating PowerShell Code Using Sublime Text

    When we think of malware analysis, especially the analysis of malicious scripts, we generally don’t think of our noble text editors as anything but… well, text editors. While there are many ways of deobfuscating PowerShell and…

  • Reordered Format String Deobfuscator

    This script deobfuscates obfuscated PowerShell files or commands that use “Format String Reordering” to hide their original code. For more information on this obfuscation technique, see https://www.securonix.com/blog/hiding-the-powershell-execution-flow/. The script has the ability to deobfuscate format strings in an…