Tools: oledump.py
Blog post: Cracking VBA Project Passwords
ISC Diary Entry: Cracking Maldoc VBA Project Passwords
Measuring a Defective USB Cable
Testing a Defective USB Cable
Devices:
- Powerbank Anker PowerCore+ 26800 PD
- USB tester Riden UM34C
- Electronic load Kunkin KP184
Defective USB Cable
YARA’s BASE64 Strings
ISC Diary Entry: YARA’s BASE64 Strings
SANS@MIC – Maldocs: a bit of blue, a bit of red
Maldoc Analysis With xlm-deobfuscator
Sample: 82c12e7fe6cabf5edc0bdaa760b4b8c8
ISC Diary Entry: Zloader Maldoc Analysis With xlm-deobfuscator
ZIP(EICAR File), Memorized
And here I memorized all the bytes (and their meaning) of a ZIP file containing a single file: an uncompressed EICAR file.
Itβs another party trick β¦ for a hacker party πΒ .
EICAR File, Memorized
I memorized the EICAR standard antivirus test file and show that in this video.
It’s a party trick … for a hacker party π .
zipdump.py: Malformed .docm File
Tools: zipdump.py
Blog post: Analyzing Malformed ZIP Files
Sample: c36e0ef657bc2137d4ee13a97528e7a12d2ffe7b8dc2b54c92f123b3f61845a6
ISC Diary Entry: Obfuscated with a Simple 0x0A
