A quick post on how to extract AutoHotKey scripts from a compiled AutoHotKey executable.
Tag: YARA
OneNote Embedded file abuse
In recent weeks OneNote has gotten a lot of media attention as threat actors are abusing its embedded files feature in their phishing campaigns. In this post we will analyze this new malware delivery method and create a detection rule for it.