Reader Roland submitted a malicious Zloader Excel 4 macro spreadsheet (MD5 82c12e7fe6cabf5edc0bdaa760b4b8c8). It's typical of the samples we have seen these last weeks, with heavy formula obfuscation: These maldocs can now easily be analysed with xlm-deobfuscator: I also created a short video: Didier Stevens |
DidierStevens 548 Posts ISC Handler May 25th 2020 |
Thread locked Subscribe |
May 25th 2020 10 months ago |
Sign Up for Free or Log In to start participating in the conversation!