Closed dakinedakine99 closed 1 year ago
@dakinedakine99, thank you for the submission!
Before approval, I need a little more info about this! Many other components of Windows management actually use base64 PowerShell encoding (one of them is already a WTFbin!). Please decode one of these commands and provide that screenshot as well to indicate what this executable is really doing.
Don't want to include the entire command since it includes network info, but mainly regexes related to network vulnerabilities. I assume this is for transparency. Masquerading potential imo.
sensendr.exe "encoded text", there's no decode, so not that big of a deal, but still, wtf.
Added in c2fb3fc4da2041d2b2d867170da3a51363903490
@dakinedakine99 What base64 is used for the sensendr.exe? Tried a whole bunch of formats, UTF-8, UTF-16, with CyberChef but cannot decrypt. I see from your screenshot you are using CyberChef, can you give me the recipe please? Thanks
This is what I used