Threat Level: green Handler on Duty: Russell Eubanks

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2019-02-03 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Video: Analyzing a Simple HTML Phishing Attachment

Published: 2019-02-03
Last Updated: 2019-02-03 23:46:06 UTC
by Didier Stevens (Version: 1)
1 comment(s)

Reader Carlos submitted an email with an attachment. It's a phishing email, the attachment is an HTML file, although the criminals try to make the recipient believe that it is a PDF file.

In this video, I show how you can use my tool oledump.py to extract the attachment from the email (.msg file) for further analysis, without requiring Outlook (or Windows). I give a couple of simple tips to find the phishing URL(s) quickly.


Didier Stevens
Senior handler
Microsoft MVP
blog.DidierStevens.com DidierStevensLabs.com

Keywords: phishing
1 comment(s)
Diary Archives