Hello Reader,
Tonight I'm applying my Syscache research in some casework and while testing things out I realized something that I don't think was properly documented before. The Syscache SHA-1 hashes appear to be base16 hashes not base32 hashes. So before you begin looking for that malicious executable make sure you've generated the correct hash!
Tonight I'm applying my Syscache research in some casework and while testing things out I realized something that I don't think was properly documented before. The Syscache SHA-1 hashes appear to be base16 hashes not base32 hashes. So before you begin looking for that malicious executable make sure you've generated the correct hash!
Posts
No comments:
Post a Comment