Skip to content

Didier Stevens Videos

Search for:

Home
About
count.py

Didier Stevens Videos RSS

RSS - Posts

Search for:

Recent Posts

Extracting Information From “logfmt” Files With CyberChef
PNG + mimikatz.exe
PNG Analysis
Analysis of a Malicious HTML File (QBot)
Grep & Tail -f With Notepad++

Recent Comments

	Mike Michalko on James Webb JPEG With Malw…
	isodump.py \| Didier… on The Security Toolsmith (NVISO…
	Overview of Content… on Maldoc Analysis With Cybe…
	ZIP(EICAR File), Mem… on EICAR File, Memorized
	Overview of Content… on AutoCAD & VBA

Archives

Categories

howto
malware
my software
Networking
Science
technology
Uncategorized
video

Meta

Register
Log in
Entries feed
Comments feed
WordPress.com

Maldoc Deobfuscation: Character Removal

ISC Diary entry: Another example of maldoc string obfuscation, with extra bonus: UAC bypass

Tools: oledump.py, re-search.py and sets.py.

Sample: 7dff363557f711a92216da9e9af3bb1f

Share this:

Twitter
Facebook

Related

March 6, 2017 Didier Stevens

Post navigation

cut-bytes.py & Here Documents →

One thought on “Maldoc Deobfuscation: Character Removal”

Pingback: Overview of Content Published In March | Didier Stevens

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Connecting to %s

Notify me of new comments via email.

Notify me of new posts via email.

Δ

Blog at WordPress.com.

Follow Following
- Didier Stevens Videos
- Already have a WordPress.com account? Log in now.