Reverse Engineering Asked by Sean W. on August 17, 2021
I have a VBScript (.vbs) file that is a malware dropper. It executes correctly in a commercial malware sandbox. but does not act the same in my manual analysis lab, and I need to figure out why. The script is heavily obfuscated (i.e. not simply using execute
), and I don’t know how to begin to analyze it.
So far, i’ve tried the open source tool ViperMonkey, put it failed to trace the script.
Any suggestions?
Try running the following from the command line:
cscript /x .malwaresample.vbs
That should open it up in Visual Studios and allow you to step through it.
Answered by Jimmy D on August 17, 2021
Get help from others!
Recent Questions
Recent Answers
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP