Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Video: Simple Analysis Of A CVE-2021-40444 .docx Document

Published: 2021-09-19
Last Updated: 2021-09-19 15:28:19 UTC
by Didier Stevens (Version: 1)
0 comment(s)

I created a video for the analysis I described in my last diary entry "Simple Analysis Of A CVE-2021-40444 .docx Document".

I also cover another sample in that video, that is a bit harder to analyze (and has much lower detection rates on VT).

Remark that I always make sure that you can find the samples I analyze on Malware Bazaar too.

And here is the InQuest blog post I mention in the video: "Microsoft MSHTML Remote Code Execution Vulnerability".

The tools I use in this video: zipdump.py, re-search.py and xmldump.py.

 

Didier Stevens
Senior handler
Microsoft MVP
blog.DidierStevens.com

Keywords: maldoc mhtml video
0 comment(s)
Diary Archives