Sample: 007de2c71861a3e1e6d70f7fe8f4ce9b.
Tools: oledump.py
Blog post: Maldoc: Excel 4.0 Macro
malware
Analyzing a Phishing PDF with /ObjStm
Sample: 55c336693e66b5d6a799b6b4f8eb5f1a.
Tools: pdfid.py, pdf-parser.py
Blog post: Analyzing a Phishing PDF with /ObjStm
PDF: Stream Objects (/ObjStm)
Finding Property Values in Office Documents
Sample: 8598361ecbbffb35900d0720b0316a56.
Tools: oledump.py
ISC Diary entry: Video: Finding Property Values in Office Documents
Maldoc Analysis of the Weekend
Sample: 8598361ecbbffb35900d0720b0316a56.
Tools: oledump.py, base64dump.py, zipdump.py
ISC Diary entry: Video: Maldoc Analysis of the Weekend
Analyzing a Simple HTML Phishing Attachment
msoffcrypto-crack
Tools: msoffcrypto-crack.py, oledump.py
ISC Diary entry: Video: Analyzing Encrypted Malicious Office Documents
