Our neighbors in the Cofense Phishing Defense Center (PDC) recently wrote an article about an interesting phishing email and its associated malware, which can be found here: https://cofense.com/new-phishing-campaign-targets-u-s-taxpayers-dropping-amadey-botnet/
As part of their analysis, they shared an interesting VBscript and I couldn’t resist the urge to deobfuscate it. I was immediately …