Threat Level: green Handler on Duty: Daniel Wesemann

SANS ISC: Video: Maldoc Analysis of the Weekend SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Video: Maldoc Analysis of the Weekend

I made a video for yesterday's diary entry "Maldoc Analysis of the Weekend" (the analysis of a Word document with VBA launching a PowerShell command).

The sample I use in this video is different from yesterday's sample: I start with an email (.msg file) containing the maldoc in a password protected ZIP attachment. Unfortunately, I can't share the content of this email. But I'm looking for similar samples that I can share.

 

Didier Stevens
Senior handler
Microsoft MVP
blog.DidierStevens.com DidierStevensLabs.com

DidierStevens

484 Posts
ISC Handler
Feb 10th 2019

Sign Up for Free or Log In to start participating in the conversation!