Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: Diaries by Keyword - SANS Internet Storm Center


Date | Author | Title
2017-08-17 | Xavier Mertens | Maldoc with auto-updated link
2017-08-10 | Didier Stevens | Maldoc Analysis with ViperMonkey
2017-07-29 | Didier Stevens | Maldoc Submitted and Analyzed
2017-07-28 | Didier Stevens | Static Analysis of Emotet Maldoc
2017-07-15 | Didier Stevens | Office maldoc + .lnk
2017-07-10 | Didier Stevens | Basic Office maldoc analysis
2017-04-28 | Xavier Mertens | Another Day, Another Obfuscation Technique
2017-04-23 | Didier Stevens | Malicious Documents: A Bit Of News
2017-04-21 | Xavier Mertens | Analysis of a Maldoc with Multiple Layers of Obfuscation
2017-03-05 | Didier Stevens | Another example of maldoc string obfuscation, with extra bonus: UAC bypass
2017-02-26 | Didier Stevens | CRA Maldoc Analysis
2016-12-24 | Didier Stevens | Pinging All The Way
2016-12-10 | Didier Stevens | Sleeping VBS Really Wants To Sleep
2016-12-05 | Didier Stevens | Hancitor Maldoc Videos
2016-11-18 | Didier Stevens | VBA Shellcode and Windows 10
2016-11-12 | Didier Stevens | VBA Shellcode and EMET
2016-10-17 | Didier Stevens | Maldoc VBA Anti-Analysis: Video
2016-10-16 | Didier Stevens | Analyzing Office Maldocs With Decoder.xls
2016-10-15 | Didier Stevens | Maldoc VBA Anti-Analysis
2016-09-26 | Didier Stevens | VBA and P-code
2016-08-06 | Didier Stevens | rtfdump
2016-07-30 | Didier Stevens | rtfobj
2016-07-29 | Didier Stevens | Malicious RTF Files
2016-07-19 | Didier Stevens | Office Maldoc: Let's Focus on the VBA Macros Later...
2016-03-29 | Didier Stevens | VBE: Encoded VBS Script
2016-02-21 | Didier Stevens | Tip: Quick Analysis of Office Maldoc
2016-01-11 | Didier Stevens | BlackEnergy .XLS Dropper
2015-12-26 | Didier Stevens | Malfunctioning Malware
2015-11-21 | Didier Stevens | Maldoc Social Engineering Trick
2015-09-19 | Didier Stevens | Don't launch that file Adobe Reader!
2015-08-26 | Didier Stevens | PDF + maldoc1 = maldoc2
2015-05-15 | Didier Stevens | Another Maldoc? I'm Afraid So...
2015-05-09 | Didier Stevens | Malicious Word Document: This Time The Maldoc Is A MIME File
2015-04-10 | Didier Stevens | The Kill Chain: Now With Pastebin
2015-03-30 | Didier Stevens | YARA Rules For Shellcode
2015-03-14 | Didier Stevens | Maldoc VBA Sandbox/Virtualization Detection