Palo Alto Networks

Nymaim

The Curious Case of Notepad and Chthonic: Exposing a Malicious Infrastructure

Recently, I’ve been investigating malware utilizing PowerShell and have spent a considerable amount of time refining ways to identify new variants of attacks as they appear. This posting is a follow-up to my previous work on this subject in "Pulling Back the Curtains on EncodedCommand PowerShell Attacks".

In a sample I recently analyzed, something stood out as extremely suspicious which led me down a rabbit hole, uncovering malicious infrastructure supp...

Aug 15, 2017
