“... the PowerShell script connects to a dotless IP address (example: hxxp://3627732942) to download the final payload.
What is Dotless IP Address? referred as 'Decimal Address,' the decimal values of IPv4 addresses... Almost all modern web browsers resolve decimal IP address to its equivalent IPV4 address...”
https://thehackernews.com/2018/01/microsoft-office-malware.html
No comments:
Post a Comment