Intel Name: Suspicious file encoded to base64 via certutil.exe
Date of Scan: January 7, 2025
Impact: High
Summary: “Suspicious File Encoded To Base64 Via Certutil.EXE” examines the use of the Certutil tool with the “encode” flag to encode files as Base64. Malicious actors often use this technique to obfuscate files, particularly files whose extensions appear suspicious. The report highlights how the encoded files may evade detection and the importance of monitoring and analyzing such activity to identify potential threats.
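A sketch of the monitoring described in the summary, as an added example that is not part of the original report: it flags process-creation events where certutil runs with the “encode” flag against an input file with a suspicious extension. The extension set, the Sysmon-style field names and the sample events are assumptions constructed for illustration.

```python
import ntpath
import re

# Assumption: the report does not list which extensions count as suspicious;
# this set is illustrative and should be tuned per environment.
SUSPICIOUS_EXTENSIONS = {".exe", ".dll", ".ps1", ".bat", ".vbs", ".hta", ".js"}

def split_command_line(command_line):
    """Split a Windows command line, keeping double-quoted paths together."""
    return [t.strip('"') for t in re.findall(r'"[^"]*"|\S+', command_line)]

def is_certutil(event):
    """Match by image path, or by PE original name if the binary was renamed."""
    image = event.get("Image", "").lower()
    original = event.get("OriginalFileName", "").lower()
    return image.endswith("\\certutil.exe") or original == "certutil.exe"

def suspicious_encode_input(event):
    """Return the encoded input file if its extension is suspicious, else None."""
    if not is_certutil(event):
        return None
    args = split_command_line(event.get("CommandLine", ""))[1:]
    if not any(a.lower() in ("-encode", "/encode") for a in args):
        return None
    # certutil -encode takes InFile then OutFile; the first operand is the input.
    operands = [a for a in args if a and not a.startswith(("-", "/"))]
    if operands and ntpath.splitext(operands[0])[1].lower() in SUSPICIOUS_EXTENSIONS:
        return operands[0]
    return None

# Constructed process-creation events (field names as in Sysmon Event ID 1).
SAMPLE_EVENTS = [
    {"Image": r"C:\Windows\System32\certutil.exe", "OriginalFileName": "CertUtil.exe",
     "CommandLine": r"certutil -f -encode C:\Users\Public\update.dll C:\Users\Public\out.txt"},
    {"Image": r"C:\Users\Public\cu.exe", "OriginalFileName": "CertUtil.exe",
     "CommandLine": r'cu.exe /encode "C:\Temp\my tool.ps1" C:\Temp\a.b64'},
    {"Image": r"C:\Windows\System32\certutil.exe", "OriginalFileName": "CertUtil.exe",
     "CommandLine": r"certutil -encode report.cer report.b64"},
    {"Image": r"C:\Windows\System32\certutil.exe", "OriginalFileName": "CertUtil.exe",
     "CommandLine": r"certutil -hashfile setup.exe SHA256"},
    {"Image": r"C:\Windows\System32\notepad.exe", "OriginalFileName": "NOTEPAD.EXE",
     "CommandLine": r"notepad.exe -encode notes.exe"},
]

def scan(events):
    """Return the suspicious input paths found across a list of events."""
    return [hit for hit in map(suspicious_encode_input, events) if hit]

if __name__ == "__main__":
    for path in scan(SAMPLE_EVENTS):
        print("ALERT certutil -encode on", path)
```

Only the input operand is checked, so a benign certificate export written to an oddly named output file does not alert.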