Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: Diaries by Keyword - SANS Internet Storm Center Diaries by Keyword

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Date Author Title
2022-07-10Guy BruneauExcel 4 Emotet Maldoc Analysis using CyberChef
2022-07-07Brad DuncanEmotet infection with Cobalt Strike
2022-04-20Brad Duncan"aa" distribution Qakbot (Qbot) infection with DarkVNC traffic
2022-04-06Brad DuncanWindows MetaStealer Malware
2022-03-25Xavier MertensXLSB Files: Because Binary is Stealthier Than XML
2022-01-22Xavier MertensMixed VBA & Excel4 Macro In a Targeted Excel Sheet
2022-01-05Xavier MertensCode Reuse In the Malware Landscape
2021-11-19Xavier MertensDownloader Disguised as Excel Add-In (XLL)
2021-09-25Didier StevensStrings Analysis: VBA & Excel4 Maldoc
2021-09-25Didier StevensVideo: Strings Analysis: VBA & Excel4 Maldoc
2021-09-23Xavier MertensExcel Recipe: Some VBA Code with a Touch of Excel4 Macro
2021-09-01Brad DuncanSTRRAT: a Java-based RAT that doesn't care if you have Java
2021-03-03Brad DuncanQakbot infection with Cobalt Strike
2021-02-28Didier StevensMaldocs: Protection Passwords
2021-02-22Didier StevensUnprotecting Malicious Documents For Inspection
2021-02-17Brad DuncanMalspam pushing Trickbot gtag rob13
2021-02-03Brad DuncanExcel spreadsheets push SystemBC malware
2021-01-20Brad DuncanQakbot activity resumes after holiday break
2021-01-14Bojan ZdrnjaDynamically analyzing a heavily obfuscated Excel 4 macro malicious file
2020-12-12Didier StevensOffice 95 Excel 4 Macros
2020-12-09Brad DuncanRecent Qakbot (Qbot) activity
2020-10-26Didier StevensExcel 4 Macros: "Abnormal Sheet Visibility"
2020-08-26Xavier MertensMalicious Excel Sheet with a NULL VT Score
2020-06-12Xavier MertensMalicious Excel Delivering Fileless Payload
2020-06-01Didier StevensXLMMacroDeobfuscator: An Update
2020-04-24Xavier MertensMalicious Excel With a Strong Obfuscation and Sandbox Evasion
2020-04-05Guy BruneauMaldoc XLS Invoice with Excel 4 Macros
2020-03-29Didier StevensObfuscated Excel 4 Macros
2020-03-09Didier StevensMalicious Spreadsheet With Data Connection and Excel 4 Macros
2020-03-06Xavier MertensA Safe Excel Sheet Not So Safe
2020-02-24Didier StevensMaldoc: Excel 4 Macros and VBA, Devil and Angel?
2020-02-23Didier StevensMaldoc: Excel 4 Macros in OOXML Format
2019-11-08Xavier MertensMicrosoft Apps Diverted from Their Main Use
2019-03-25Didier Stevens"VelvetSweatshop" Maldocs: Shellcode Analysis
2019-03-23Didier Stevens"VelvetSweatshop" Maldocs
2019-03-17Didier StevensVideo: Maldoc Analysis: Excel 4.0 Macro
2019-03-16Didier StevensMaldoc: Excel 4.0 Macros
2018-10-10Xavier MertensNew Campaign Using Old Equation Editor Vulnerability
2018-09-28Xavier MertensMore Excel DDE Code Injection
2018-05-22Xavier MertensMalware Distributed via .slk Files
2018-02-02Xavier MertensSimple but Effective Malicious XLS Sheet
2017-04-19Xavier MertensHunting for Malicious Excel Sheets
2015-05-15Didier StevensAnother Maldoc? I'm Afraid So...
2010-03-09John BambenekMarch 2010 - Microsoft Patch Tuesday Diary
2009-07-13Adrien de BeaupreVulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution