Maldoc Analysis With CyberChef

Published: 2021-01-10
Last Updated: 2021-01-10 14:40:51 UTC
by Didier Stevens (Version: 1)
0 comment(s)

In diary entry "Maldoc Strings Analysis" I show how to analyze a malicious document, by extracting and decoding strings with command-line tools.

In this video, I analyze the same malicious Word document, using CyberChef only. This is possible, because this particular maldoc contains a very long string with the payload, and this string can be extracted without parsing the structure of this .doc file.

I pasted the recipe on pastebin here.

Didier Stevens
Senior handler
Microsoft MVP
blog.DidierStevens.com DidierStevensLabs.com

0 comment(s)

Comments

cwqwqwq
eweew<a href="https://www.seocheckin.com/edu-sites-list/">mashood</a>
WQwqwqwq[url=https://www.seocheckin.com/edu-sites-list/]mashood[/url]
dwqqqwqwq mashood
[https://isc.sans.edu/diary.html](https://isc.sans.edu/diary.html)
[https://isc.sans.edu/diary.html | https://isc.sans.edu/diary.html]
What's this all about ..?
password reveal .

Diary Archives