|
Reader Roland submitted a malicious Zloader Excel 4 macro spreadsheet (MD5 82c12e7fe6cabf5edc0bdaa760b4b8c8). It's typical of the samples we have seen these last weeks, with heavy formula obfuscation:
These maldocs can now easily be analysed with xlm-deobfuscator:
I also created a short video: Didier Stevens |
DidierStevens 650 Posts ISC Handler May 25th 2020 |
| Thread locked Subscribe |
May 25th 2020 2 years ago |
Sign Up for Free or Log In to start participating in the conversation!
https://www.sans.edu
