Fileless malware


mark77

Hello,

Any recommendations on tools or approach to pull apart the binary memory fragment payload of a fileless malware?

Ghidra opens it as RAM and if I dig about I can find functions, but I can't work out the file structure.

VirusTotal says no virus; Hybrid Analysis does not know what to do with the file.

I still have some PowerShell to deobfuscate but am certain it is just the memory loader.

Any advice?
