Obfuscation and Detection Techniques
In this technical documentation DOSfuscation, first introduced in Black Hat Asia 2018. The study was conducted for 9 months, in which the possibilities of cmd.exe were explored for entangling command-line arguments in several layers, using numerous multi-level methods. And also this study includes the development of coding methods from existing building blocks cmd.exe and write fuzzers to create thousands of samples of obfuscation teams.
Since intruders continue to rely on these methods, defenders must constantly adjust detection methods to keep up with evasion.
Perhaps this study allows advocates to more effectively understand and develop reliable detection capabilities for the genre cmd.exe
obfuscation, which is DOSfuscation.