Tool: CyberChef
ISC Diary Entry: Extracting Information From “logfmt” Files With CyberChef
Tools: pngdump.py, pecheck.py, strings.py
bdm.png: 95ffae4e0aecd870211c9825633b0a80b7613ec0d9ae144178c132559e7de437 (VirusTotal, MalShare)
Tools: pngdump.py, byte-stats.py, translate.py, decrypt-icedid.py, strings.py
Sample: 8fca57502cbd74502560bf963f3fd78acfc922b43d5973a0cd8f28426214abca
SANS ISC Diary entry: PNG Analysis
Tools: base64dump.py, zipdump.py, isodump.py, pecheck.py
Sample: 79cd49dc922c41b2845787c7835063e6ed77507001df133e7d7aafa3d13b6e20
SANS ISC Diary entry: Analysis of a Malicious HTML File (QBot)
Tools: zipdump.py, CyberChef
ISC diary entry: “Analyzing Obfuscated VBS with CyberChef”
Sample: MalwareBazaar
Tools: jpegdump.py, base64dump.py, pecheck.py, headtail.py
ISC diary entry: James Webb JPEG With Malware
Sample: 3bdf6d9f0f35be75d8345d897ec838ae231ba01ae898f6d0c8f920ff4061fc22, MalwareBazaar
Tools: 1768.py