Skip to content

Didier Stevens Videos

Search for:

Home
About
count.py

Didier Stevens Videos RSS

RSS - Posts

Search for:

Recent Posts

YARA’s BASE64 Strings
SANS@MIC – Maldocs: a bit of blue, a bit of red
Maldoc Analysis With xlm-deobfuscator
ZIP(EICAR File), Memorized
EICAR File, Memorized

Recent Comments

	ZIP(EICAR File), Mem… on EICAR File, Memorized
	Overview of Content… on AutoCAD & VBA
	Overview of Content… on Analyzing .DWG Files With Embe…
	Overview of Content… on Encrypted Sextortion PDFs
	Overview of Content… on Analyzing DAA Files

Archives

Categories

howto
malware
my software
technology
Uncategorized
video

Meta

Register
Log in
Entries feed
Comments feed
WordPress.com

malware

YARA’s BASE64 Strings

ISC Diary Entry: YARA’s BASE64 Strings

Comment

July 2, 2020July 1, 2020 Didier Stevens

SANS@MIC – Maldocs: a bit of blue, a bit of red

Comment

June 21, 2020 Didier Stevens

Maldoc Analysis With xlm-deobfuscator

Sample: 82c12e7fe6cabf5edc0bdaa760b4b8c8

ISC Diary Entry: Zloader Maldoc Analysis With xlm-deobfuscator

Comment

June 1, 2020 Didier Stevens

zipdump.py: Malformed .docm File

Tools: zipdump.py

Blog post: Analyzing Malformed ZIP Files

Sample: c36e0ef657bc2137d4ee13a97528e7a12d2ffe7b8dc2b54c92f123b3f61845a6

ISC Diary Entry: Obfuscated with a Simple 0x0A

Comment

April 16, 2020April 15, 2020 Didier Stevens

Stego & Cryptominers

Tools: format-bytes.py, pecheck.py, file-magic.py, cut-bytes.py.

Blog post: Steganography and Malware

Sample: DB043392816146BBE6E9F3FE669459FEA52A82A77A033C86FD5BC2F4569839C9

ISC Diary Entry: Video: Stego & Cryptominers

Comment

February 2, 2020February 2, 2020 Didier Stevens

Analyzing Unusual ZIP Files

Tools: zipdump.py, pecheck.py, file-magic.py.

Blog post: Analysis Of Unusual ZIP Files

Comment

January 1, 2020February 2, 2020 Didier Stevens

Analyzing .DWG Files With Embedded VBA Macros

Tools: oledump.py, cut-bytes.py.

Blog post: Analyzing .DWG Files With Embedded VBA Macros

ISC Diary entry: Malicious .DWG Files?

1 Comment

December 18, 2019 Didier Stevens

Encrypted Sextortion PDFs

Tools: pdfid.py and pdf-parser.py, QPDF and Poppler.

ISC diary entries: “Encrypted Sextortion PDFs”

Sample: 294592cd85ddf80ad1a092f955f1ae25

1 Comment

September 22, 2019 Didier Stevens

Analyzing DAA Files

Tools: search-for-compression.py

ISC diary entries: “Malicious .DAA Attachments” and “The DAA File Format”

Sample: 6e8947a82c97c26728dc590ed797ee23

1 Comment

September 11, 2019 Didier Stevens

Analyzing Compressed PowerShell Scripts

Tools: oledump.py, base64dump.py, translate.py

ISC diary entry: Analyzing Compressed PowerShell Scripts

Sample: 1d5794e6b276db06f6f70d5fae6d718e

1 Comment

July 28, 2019 Didier Stevens

Posts navigation

← Older posts

Blog at WordPress.com.

Didier Stevens Videos

Blog at WordPress.com.

Post to

Cancel