As part of some current research that I am doing, I decided to analyse malicious samples in VBS and PS1 formats to understand what techniques APTs and malicious actors are using for obfuscation. This led me to discover AsyncRAT, which I reverse engineered, and I wanted to share my experiences and findings with the community.
AsyncRAT is a remote access (or remote administration) tool used to control computers remotely. However, Chinese APT groups have been observed using it to …