with a hardcoded four-byte key. The shellcode in turn triggers the GhostScript vulnerability in order to execute an embedded DLL that has also been XORed. A PwnCode.Club blogpost details the deobfuscation of the shellcode and loading of the DLL into memory. 2 - $400,000 Stolen in Lumens BlackWallet T

Hangul Word Processor document. • The attack chain occurs in multiple stages with the PostScript deobfuscating a first stage shellcode that's been XORed with a hardcoded four-byte key. The shellcode in turn triggers the GhostScript vulnerability in order to execute an embedded DLL that has also been