Mallox Ransomware Found Evading AMSI Detection Using New PowerShell Script
Mallox Ransomware Found Evading AMSI Detection Using New PowerShell Script
27 December 2023
The PowerShell script uses a technique developed by a researcher in 2022, which involves patching the Windows Defender registered DLL for AMSI with a shellcode to overwrite the function that scans PowerShell scripts.