Eric Lawrence 🎻 Retweeted John Lambert
Malware in C# in VBScript in XML. Someone was going for a (de)merit badge.https://twitter.com/JohnLaTwC/status/1042041612522549249 …
Eric Lawrence 🎻 added,
John Lambert @JohnLaTwC
If you didn't know MSXSL files could be used to trigger code, have a look at this payload generated by SharpShooter.
https://www.virustotal.com/#/file/172c90e7d9814d066134fe6779f704cc542d7126f7c6ed0ce8c3cd3632fd7d2d/detection …
https://gist.github.com/JohnLaTwC/e1e7113eda3b0d38140ea2b66a05f7a3 …
https://github.com/mdsecactivebreach/SharpShooter …
cc/ @domchell pic.twitter.com/mWudryuoh6
https://www.virustotal.com/#/file/172c90e7d9814d066134fe6779f704cc542d7126f7c6ed0ce8c3cd3632fd7d2d/detection …
https://gist.github.com/JohnLaTwC/e1e7113eda3b0d38140ea2b66a05f7a3 …
https://github.com/mdsecactivebreach/SharpShooter …
cc/
0 replies
1 retweet
7 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.