Sample: 55c336693e66b5d6a799b6b4f8eb5f1a.
Tools: pdfid.py, pdf-parser.py
Blog post: Analyzing a Phishing PDF with /ObjStm
Author: Didier Stevens
PDF: Stream Objects (/ObjStm)
Finding Property Values in Office Documents
Sample: 8598361ecbbffb35900d0720b0316a56.
Tools: oledump.py
ISC Diary entry: Video: Finding Property Values in Office Documents
Maldoc Analysis of the Weekend
Sample: 8598361ecbbffb35900d0720b0316a56.
Tools: oledump.py, base64dump.py, zipdump.py
ISC Diary entry: Video: Maldoc Analysis of the Weekend
Analyzing a Simple HTML Phishing Attachment
msoffcrypto-crack
Tools: msoffcrypto-crack.py, oledump.py
ISC Diary entry: Video: Analyzing Encrypted Malicious Office Documents
De-DOSfuscation Example
Sample: 2d0d0094b25f0116dbdfa85a2a3b69d2
Tools: numbers-to-string.py
ISC Diary entry: Video: De-DOSfuscation Example
