Skip to content

Didier Stevens Videos

  • Home
  • About
  • count.py

Didier Stevens Videos RSS

  • RSS - Posts

Recent Posts

  • oledump and YARA DDE Rules
  • tshark & Malware Analysis
  • pdftool.py: Incremental Updates
  • Decoding a Payload Using a Dynamic XOR Key
  • Doc & RTF Malicious Document

Recent Comments

Overview of Content… on Maldoc Analysis With Cybe…
ZIP(EICAR File), Mem… on EICAR File, Memorized
Overview of Content… on AutoCAD & VBA
Overview of Content… on Analyzing .DWG Files With Embe…
Overview of Content… on Encrypted Sextortion PDFs

Archives

  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • September 2019
  • July 2019
  • May 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • September 2018
  • August 2018
  • July 2018
  • June 2018
  • December 2017
  • August 2017
  • July 2017
  • June 2017
  • May 2017
  • April 2017
  • March 2017
  • December 2016
  • November 2016
  • October 2016
  • July 2016
  • May 2016
  • December 2015
  • November 2015
  • October 2015
  • September 2015
  • August 2015
  • July 2015
  • June 2015
  • May 2015
  • April 2015
  • March 2015
  • February 2015
  • January 2015
  • December 2014
  • November 2014
  • October 2014
  • September 2014
  • August 2014
  • July 2014

Categories

  • howto
  • malware
  • my software
  • Science
  • technology
  • Uncategorized
  • video

Meta

  • Register
  • Log in
  • Entries feed
  • Comments feed
  • WordPress.com

Month: April 2015

Maldoc: PDF With OLE

Showing how to analyze a PDF file with embedded OLE file with VBA macros using my tools pdfid, pdf-parser and oledump.

pdf-parser_V0_6_3.zip (https)
MD5: 62D1AFACA8C124FB2AC279F22C088BB3
SHA256: 339E8D18BE21BAD6B2B33BDD29721F32624F3D842087D3AE353C6F8D6B92D185

Comment
April 27, 2015April 24, 2015 Didier Stevens

Maldoc PDF With Embedded DOC: What You See When It’s Opened

Comment
April 26, 2015 Didier Stevens

PoC: MS15-034 Exploited From Excel

Comment
April 20, 2015 Didier Stevens
Blog at WordPress.com.