Sample: 8598361ecbbffb35900d0720b0316a56.
Tools: oledump.py, base64dump.py, zipdump.py
ISC Diary entry: Video: Maldoc Analysis of the Weekend
howto
Analyzing a Simple HTML Phishing Attachment
De-DOSfuscation Example
Sample: 2d0d0094b25f0116dbdfa85a2a3b69d2
Tools: numbers-to-string.py
ISC Diary entry: Video: De-DOSfuscation Example
Dissecting a CVE-2017-11882 Exploit
Sample: 1f27e4d035c8ec71264c9fb1c8915f0b
Tools: rtfdump.py, oledump.py, format-bytes.py, scdbg.exe
ISC Diary entry: Dissecting a CVE-2017-11882 Exploit
oledump: plugin_ppt
Sample: f450ab337c93b7cb62599b0f6aa485e8
Tools: oledump.py
Blog post: Analyzing PowerPoint Maldocs with oledump Plugin plugin_ppt
DotNetToJScript Analysis
Tools: re-research.py, base64dump.py and pecheck.py.
Retrieving and Processing JSON Data (BTC Example)
Tools: jq and what-is-new.py.
ISC Diary Entries: Retrieving and processing JSON data (BTC example) and New Extortion Tricks: Now Including Your Password!
