Video: Analyzing Malicious OneNote Documents
I recorded a video for my diary entry "Detecting (Malicious) OneNote Files".
It shows how I familiarized myself with the .one file format, enough to know how to extract embedded files, wrote a tool (onedump.py) and took a look at detection rules.
Didier Stevens
Senior handler
Microsoft MVP
blog.DidierStevens.com