2021-01-18 | Didier Stevens | Doc & RTF Malicious Document |
2021-01-10 | Didier Stevens | Maldoc Analysis With CyberChef |
2021-01-09 | Didier Stevens | Maldoc Strings Analysis |
2020-12-24 | Xavier Mertens | Malicious Word Document Delivering an Octopus Backdoor |
2020-12-15 | Didier Stevens | Analyzing FireEye Maldocs |
2020-11-22 | Didier Stevens | Quick Tip: Extracting all VBA Code from a Maldoc - JSON Format |
2020-10-31 | Didier Stevens | More File Selection Gaffes |
2020-10-26 | Didier Stevens | Excel 4 Macros: "Abnormal Sheet Visibility" |
2020-08-31 | Didier Stevens | Finding The Original Maldoc |
2020-08-29 | Didier Stevens | Malicious Excel Sheet with a NULL VT Score: More Info |
2020-08-19 | Xavier Mertens | Example of Word Document Delivering Qakbot |
2020-08-16 | Didier Stevens | Small Challenge: A Simple Word Maldoc - Part 3 |
2020-08-02 | Didier Stevens | Small Challenge: A Simple Word Maldoc |
2020-07-12 | Didier Stevens | Maldoc: VBA Purging Example |
2020-06-12 | Xavier Mertens | Malicious Excel Delivering Fileless Payload |
2020-06-01 | Didier Stevens | XLMMacroDeobfuscator: An Update |
2020-05-24 | Didier Stevens | Zloader Maldoc Analysis With xlm-deobfuscator |
2020-04-26 | Didier Stevens | Video: Malformed .docm File |
2020-04-18 | Guy Bruneau | Maldoc Falsely Represented as DOCX Invoice Redirecting to Fake Apple Store |
2020-04-06 | Didier Stevens | Password Protected Malicious Excel Files |
2020-04-05 | Guy Bruneau | Maldoc XLS Invoice with Excel 4 Macros |
2020-04-04 | Didier Stevens | New Bypass Technique or Corrupt Word Document? |
2020-03-29 | Didier Stevens | Obfuscated Excel 4 Macros |
2020-03-09 | Didier Stevens | Malicious Spreadsheet With Data Connection and Excel 4 Macros |
2020-02-24 | Didier Stevens | Maldoc: Excel 4 Macros and VBA, Devil and Angel? |
2020-02-23 | Didier Stevens | Maldoc: Excel 4 Macros in OOXML Format |
2020-01-09 | Xavier Mertens | Quick Analyzis of a(nother) Maldoc |
2019-12-22 | Didier Stevens | Extracting VBA Macros From .DWG Files |
2019-12-16 | Didier Stevens | Malicious .DWG Files? |
2019-12-14 | Didier Stevens | (Lazy) Sunday Maldoc Analysis: A Bit More ... |
2019-12-09 | Didier Stevens | (Lazy) Sunday Maldoc Analysis |
2019-09-30 | Didier Stevens | Maldoc, PowerShell & BITS |
2019-09-29 | Didier Stevens | Encrypted Maldoc, Wrong Password |
2019-08-15 | Didier Stevens | Analysis of a Spearphishing Maldoc |
2019-07-28 | Didier Stevens | Video: Analyzing Compressed PowerShell Scripts |
2019-07-06 | Didier Stevens | Malicious XSL Files |
2019-07-05 | Didier Stevens | A "Stream O" Maldoc |
2019-07-01 | Didier Stevens | Maldoc: Payloads in User Forms |
2019-05-28 | Didier Stevens | Office Document & BASE64? PowerShell! |
2019-05-01 | Didier Stevens | VBA Office Document: Which Version? |
2019-04-27 | Didier Stevens | Quick Tip for Dissecting CVE-2017-11882 Exploits |
2019-04-23 | Didier Stevens | Malicious VBA Office Document Without Source Code |
2019-03-31 | Didier Stevens | Maldoc Analysis of the Weekend by a Reader |
2019-03-25 | Didier Stevens | "VelvetSweatshop" Maldocs: Shellcode Analysis |
2019-03-23 | Didier Stevens | "VelvetSweatshop" Maldocs |
2019-03-17 | Didier Stevens | Video: Maldoc Analysis: Excel 4.0 Macro |
2019-03-16 | Didier Stevens | Maldoc: Excel 4.0 Macros |
2019-02-27 | Didier Stevens | Maldoc Analysis by a Reader |
2019-02-17 | Didier Stevens | Video: Finding Property Values in Office Documents |
2019-02-16 | Didier Stevens | Finding Property Values in Office Documents |
2019-02-11 | Didier Stevens | Have You Seen an Email Virus Recently? |
2019-02-10 | Didier Stevens | Video: Maldoc Analysis of the Weekend |
2019-02-09 | Didier Stevens | Maldoc Analysis of the Weekend |
2019-01-26 | Didier Stevens | Video: Analyzing Encrypted Malicious Office Documents |
2019-01-11 | Didier Stevens | Quick Maldoc Analysis |
2019-01-07 | Didier Stevens | Analyzing Encrypted Malicious Office Documents |
2019-01-02 | Didier Stevens | Maldoc with Nonfunctional Shellcode |
2018-12-29 | Didier Stevens | Video: De-DOSfuscation Example |
2018-12-17 | Didier Stevens | Password Protected ZIP with Maldoc |
2018-12-12 | Didier Stevens | Yet Another DOSfuscation Sample |
2018-12-03 | Didier Stevens | Word maldoc: yet another place to hide a command |
2018-11-26 | Russ McRee | ViperMonkey: VBA maldoc deobfuscation |
2018-11-23 | Didier Stevens | Video: Dissecting a CVE-2017-11882 Exploit |
2018-11-10 | Didier Stevens | Video: CyberChef: BASE64/XOR Recipe |
2018-11-02 | Didier Stevens | TriJklcj2HIUCheDES decryption failed? |
2018-10-16 | Didier Stevens | CyberChef: BASE64/XOR Recipe |
2018-10-13 | Didier Stevens | Maldoc: Once More It's XOR |
2018-10-01 | Didier Stevens | Decoding Custom Substitution Encodings with translate.py |
2018-09-30 | Didier Stevens | When DOSfuscation Helps... |
2018-08-25 | Didier Stevens | Microsoft Publisher malware: static analysis |
2018-08-05 | Didier Stevens | Video: Maldoc analysis with standard Linux tools |
2018-07-30 | Didier Stevens | Malicious Word documents using DOSfuscation |
2018-06-17 | Didier Stevens | Encrypted Office Documents |
2018-02-18 | Didier Stevens | Finding VBA signatures in .docm files |
2018-02-12 | Didier Stevens | Analyzing compressed shellcode |
2018-02-11 | Didier Stevens | Finding VBA signatures in Word documents |
2018-02-09 | Didier Stevens | An autograph from the Dridex gang |
2018-02-02 | Xavier Mertens | Simple but Effective Malicious XLS Sheet |
2018-01-28 | Didier Stevens | Is this a pentest? |
2018-01-20 | Didier Stevens | An RTF phish |
2018-01-15 | Didier Stevens | Decrypting malicious PDFs with the key |
2018-01-14 | Didier Stevens | Peeking into Excel files |
2018-01-02 | Didier Stevens | PDF documents & URLs: video |
2017-12-31 | Didier Stevens | Analyzing TNEF files |
2017-12-25 | Didier Stevens | Dealing with obfuscated RTF files |
2017-12-24 | Didier Stevens | PDF documents & URLs: update |
2017-12-23 | Didier Stevens | Encrypted PDFs |
2017-12-19 | Xavier Mertens | Example of 'MouseOver' Link in a Powerpoint File |
2017-12-18 | Didier Stevens | Phish or scam? - Part 2 |
2017-12-17 | Didier Stevens | Phish or scam? - Part 1 |
2017-12-09 | Didier Stevens | Sometimes it's a dud |
2017-11-06 | Didier Stevens | Metasploit's Maldoc |
2017-11-05 | Didier Stevens | Extracting the text from PDF documents |
2017-11-04 | Didier Stevens | PDF documents & URLs |
2017-09-10 | Didier Stevens | It is a resume - Part 3 |
2017-08-20 | Didier Stevens | It's Not An Invoice ... |
2017-08-17 | Xavier Mertens | Maldoc with auto-updated link |
2017-08-10 | Didier Stevens | Maldoc Analysis with ViperMonkey |
2017-07-29 | Didier Stevens | Maldoc Submitted and Analyzed |
2017-07-28 | Didier Stevens | Static Analysis of Emotet Maldoc |
2017-07-15 | Didier Stevens | Office maldoc + .lnk |
2017-07-10 | Didier Stevens | Basic Office maldoc analysis |
2017-04-28 | Xavier Mertens | Another Day, Another Obfuscation Technique |
2017-04-23 | Didier Stevens | Malicious Documents: A Bit Of News |
2017-04-21 | Xavier Mertens | Analysis of a Maldoc with Multiple Layers of Obfuscation |
2017-03-05 | Didier Stevens | Another example of maldoc string obfuscation, with extra bonus: UAC bypass |
2017-02-26 | Didier Stevens | CRA Maldoc Analysis |
2016-12-24 | Didier Stevens | Pinging All The Way |
2016-12-10 | Didier Stevens | Sleeping VBS Really Wants To Sleep |
2016-12-05 | Didier Stevens | Hancitor Maldoc Videos |
2016-11-18 | Didier Stevens | VBA Shellcode and Windows 10 |
2016-11-12 | Didier Stevens | VBA Shellcode and EMET |
2016-10-17 | Didier Stevens | Maldoc VBA Anti-Analysis: Video |
2016-10-16 | Didier Stevens | Analyzing Office Maldocs With Decoder.xls |
2016-10-15 | Didier Stevens | Maldoc VBA Anti-Analysis |
2016-09-26 | Didier Stevens | VBA and P-code |
2016-08-06 | Didier Stevens | rtfdump |
2016-07-30 | Didier Stevens | rtfobj |
2016-07-29 | Didier Stevens | Malicious RTF Files |
2016-07-19 | Didier Stevens | Office Maldoc: Let's Focus on the VBA Macros Later... |
2016-03-29 | Didier Stevens | VBE: Encoded VBS Script |
2016-02-21 | Didier Stevens | Tip: Quick Analysis of Office Maldoc |
2016-01-11 | Didier Stevens | BlackEnergy .XLS Dropper |
2015-12-26 | Didier Stevens | Malfunctioning Malware |
2015-11-21 | Didier Stevens | Maldoc Social Engineering Trick |
2015-09-19 | Didier Stevens | Don't launch that file Adobe Reader! |
2015-08-26 | Didier Stevens | PDF + maldoc1 = maldoc2 |
2015-05-15 | Didier Stevens | Another Maldoc? I'm Afraid So... |
2015-05-09 | Didier Stevens | Malicious Word Document: This Time The Maldoc Is A MIME File |
2015-04-10 | Didier Stevens | The Kill Chain: Now With Pastebin |
2015-03-30 | Didier Stevens | YARA Rules For Shellcode |
2015-03-14 | Didier Stevens | Maldoc VBA Sandbox/Virtualization Detection |