Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Internet Storm Center - SANS Internet Storm Center Internet Storm Center


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Latest Diaries

A malicious word document with a VBA form - video

Published: 2018-04-21
Last Updated: 2018-04-21 21:36:13 UTC
by Didier Stevens (Version: 1)
0 comment(s)

I created a video of my last diary entry's sample:

 

Didier Stevens
Microsoft MVP Consumer Security
blog.DidierStevens.com DidierStevensLabs.com

Keywords: form maldoc vba
0 comment(s)

If you have more information or corrections regarding our diary, please share.

Recent Diaries

Malspam pushing ransomware using two layers of password protection to avoid detection
Apr 20th 2018
1 day ago by Brad (0 comments)

Back to Basics: Backups and Data Recovery "The Home Office Edition"
Apr 19th 2018
2 days ago by Richard (2 comments)

Webshell looking for interesting files
Apr 18th 2018
3 days ago by Xme (0 comments)

A Review of Recent Drupal Attacks (CVE-2018-7600)
Apr 17th 2018
4 days ago by Johannes (0 comments)

A malicious word document with a VBA form
Apr 16th 2018
5 days ago by DidierStevens (0 comments)

Metasploit's Payload UUID
Apr 15th 2018
6 days ago by DidierStevens (0 comments)

Getting Incident Response Help from Richard Feynman
Apr 15th 2018
6 days ago by Kevin Liston (0 comments)

View All Diaries →

Latest Discussions

MinerPool Threat Feed info
created Apr 4th 2018
2 weeks ago by Anonymous (0 replies)

DShield on RPi returns no mySQL when running /home/pi/install/dshield/bin/status.sh
created Mar 29th 2018
3 weeks ago by nekton89 (0 replies)

Splunk: Any way to fetch logs via ssh
created Mar 15th 2018
1 month ago by Anonymous (1 reply)

Possible new worm activity
created Mar 13th 2018
1 month ago by Anonymous (0 replies)

Detecting the memcached issue
created Mar 9th 2018
1 month ago by David (0 replies)

View All Forums →

Latest News

View All News →

Top Diaries

Wide-scale Petya variant ransomware attack noted
Jun 27th 2017
9 months ago by Brad (6 comments)

Using a Raspberry Pi honeypot to contribute data to DShield/ISC
Aug 3rd 2017
8 months ago by Johannes (16 comments)

Detection Lab: Visibility & Introspection for Defenders
Dec 15th 2017
4 months ago by Russ McRee (2 comments)

Second Google Chrome Extension Banker Malware in Two Weeks
Aug 29th 2017
7 months ago by Renato (0 comments)

Maldoc with auto-updated link
Aug 17th 2017
8 months ago by Xme (2 comments)