PowerShell CRYPTOSTEALER through DNS
54,429
Publicado 2023-05-09
🔥 YOUTUBE ALGORITHM ➡ Like, Comment, & Subscribe!
🙏 SUPPORT THE CHANNEL ➡ jh.live/patreon
🤝 SPONSOR THE CHANNEL ➡ jh.live/sponsor
🌎 FOLLOW ME EVERYWHERE ➡ jh.live/discord ↔ jh.live/twitter ↔ jh.live/linkedin ↔ jh.live/instagram ↔ jh.live/tiktok
💥 SEND ME MALWARE ➡ jh.live/malware
Todos los comentarios (21)
-
Powershell is so cool, you never have to worry about installation. Makes it easier
-
John, you are an amazing Fella who always makes AAA+ quality videos! Huge props to you!! 😊 I really have obtained lots of knowledge from your videos!
-
Already stopped the same attack thanks for this. Also did the malware analysis of the .ps1 file.
-
Love this content! Thank you for the analysis as always ❤️
-
18:35 That looks like someone actually modified the malicious DNS record instead of just removing it XD
-
Sho talented person. translation master and brother.
-
Love these videos 😎!!
-
Thanks man!!
-
That UUID at the top of the script in the registry is probably to change the signature of the script.
-
Great video! Almost went into the rabbit hole together with you :D
-
love your videos sir
-
Powershell stuff is interesting af
-
13:01 and I'm here for it
-
thanks
-
aaawesome !!!
-
Great master
-
uuh, wtf. I found this on a pc two weeks ago, 3 PowerShell files with a name of 4 random characters with the exact same contents. I correctly identified it as a virus and did some research, after deleting it there still remained some other parts which I could not find (I am a noob on this), so wiped everything. Amazing to see a video on it
-
Good stuff here.. thanks What editor is that please
-
coolbase64 package for sublime would be useful for this kind of stuff since you do a lot of decoding ,you can just select and decode in sublime directly
-
I had this too and not sure where I had gotten it.