So this is probably off topic but I have come across an unusual .gif. Now, my script had prevented this malicious attempt but allowed me to find the file on the malicious server attempting to upload. I have saved the file and am curious as to what is hidden within the gif.

Any ideas on how to proceed? I have done some digging and I am not entirely sure what I am looking for. I am confident that this is a malicious gif with some type of encoded string inside of it (gif is 807bytes).

Thanks!

    Try the way I do to check possible malicious files. Grab a virtual machine and just run it. If it is malicious, delete the virtual machine. VMPlayer is a freebie for windows that can run nix virtual machines and they are freebies too.

      Write a Reply...