Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: Diaries by Keyword - SANS Internet Storm Center Diaries by Keyword

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Date Author Title
2017-04-23Didier StevensMalicious Documents: A Bit Of News
2017-04-21Xavier MertensAnalysis of a Maldoc with Multiple Layers of Obfuscation
2017-03-05Didier StevensAnother example of maldoc string obfuscation, with extra bonus: UAC bypass
2017-02-26Didier StevensCRA Maldoc Analysis
2016-12-24Didier StevensPinging All The Way
2016-12-10Didier StevensSleeping VBS Really Wants To Sleep
2016-12-05Didier StevensHancitor Maldoc Videos
2016-11-18Didier StevensVBA Shellcode and Windows 10
2016-11-12Didier StevensVBA Shellcode and EMET
2016-10-17Didier StevensMaldoc VBA Anti-Analysis: Video
2016-10-16Didier StevensAnalyzing Office Maldocs With Decoder.xls
2016-10-15Didier StevensMaldoc VBA Anti-Analysis
2016-09-26Didier StevensVBA and P-code
2016-08-06Didier Stevensrtfdump
2016-07-30Didier Stevensrtfobj
2016-07-29Didier StevensMalicious RTF Files
2016-07-19Didier StevensOffice Maldoc: Let's Focus on the VBA Macros Later...
2016-03-29Didier StevensVBE: Encoded VBS Script
2016-02-21Didier StevensTip: Quick Analysis of Office Maldoc
2016-01-11Didier StevensBlackEnergy .XLS Dropper
2015-12-26Didier StevensMalfunctioning Malware
2015-11-21Didier StevensMaldoc Social Engineering Trick
2015-09-19Didier StevensDon't launch that file Adobe Reader!
2015-08-26Didier StevensPDF + maldoc1 = maldoc2
2015-05-15Didier StevensAnother Maldoc? I'm Afraid So...
2015-05-09Didier StevensMalicious Word Document: This Time The Maldoc Is A MIME File
2015-04-10Didier StevensThe Kill Chain: Now With Pastebin
2015-03-30Didier StevensYARA Rules For Shellcode
2015-03-14Didier StevensMaldoc VBA Sandbox/Virtualization Detection