Tools: oledump.py.
ISC diary entry: Peeking into msg files – revisited
Maldoc Analysis & Linux Tools
Tools: oledump.py.
ISC diary entry: Maldoc analysis with standard Linux tools
Sample: 2f87105fea2d4bae72ebc00efc6ede56
Dealing With Numeric Obfuscation
Tools: oledump.py, re-research.py, sets.py and numbers-to-string.py.
ISC diary entry: Dealing with numeric obfuscation in malicious scripts
Sample: f25a16298240f2faefee654478050a62
DotNetToJScript Analysis
Tools: re-research.py, base64dump.py and pecheck.py.
Maldoc with DOSfuscation
Tools: oledump.py, re-research.py, sets.py and instantiation.py.
ISC diary entry: Malicious Word documents using DOSfuscation
Sample: 47827f618056ef15563138ebe69225d0
Retrieving and Processing JSON Data (BTC Example)
Tools: jq and what-is-new.py.
ISC Diary Entries: Retrieving and processing JSON data (BTC example) and New Extortion Tricks: Now Including Your Password!
Analyzing XPS Files
Tools: zipdump.py and re-search.py.
ISC Diary Entry: XPS Samples
Sample: 19e432b6960604aa7492e1196c20b594
