Proof of concept WMI virus (zero-day)
(github.com/pulpocaminante)
Proof of concept WMI virus. Does what it looks like it does. Virus isn't stored on the filsystem (in any way an AV would detect), but within the WMI. Contains PoC code for extracting it from the WMI- which can also be achieved at boot from within the WMI itself using powershell. So, self-extracting WMI virus that never touches the disk.
Proof of concept WMI virus. Does what it looks like it does. Virus isn't stored on the filsystem (in any way an AV would detect), but within the WMI. Contains PoC code for extracting it from the WMI- which can also be achieved at boot from within the WMI itself using powershell. So, self-extracting WMI virus that never touches the disk.