i’ve seen a fair amount of malware that brings along its own DNS configuration. wonder what kind of signal this is? in the meantime, lets identify this behavior with capa:
@williballenthin
i’ve seen a fair amount of malware that brings along its own DNS configuration. wonder what kind of signal this is? in the meantime, lets identify this behavior with capa: