Tools: oledump.py
Sample: f0deca3a062a057b45bd075aef290b9bd88180c4f72743c29907dc3b934121d8
ISC diary entry: Maldoc: non-ASCII VBA Identifiers
Sample: 402a722d58368018ffb78eda78280a3f1e6346dd8996b4e4cd442f30e429a5cf
Tools: strings.py, base64dump.py, re-search.py, byte-stats.py
ISC Diary Entry: Decoding Obfuscated BASE64 Statistically
Tools: rtfdump.py, oledump.py, olemake.py (private tool, not available for download)
This was a quick recording without a microphone.
Tools: zipdump.py, strings.py and myjson-filter.py.
ISC diary entry: Method For String Extraction Filtering
ISC diary entries: curl 7.82.0 Adds --json Option, jo
Tools: oledump.py, OLETemplate.bt, 010 Editor
ISC Diary Entry: Maldoc Cleaned by Anti-Virus
Sample: 0f609e43fa76afd4e2e916acb2ab54cc8fce64750ec372f716b42f34db3da0ce
Tools: oledump.py, xorsearch, scdbg
ISC Diary Entry: A Good Old Equation Editor Vulnerability Delivering Malware
Sample: c82724520ee5ffbcc6ee13c76d004aa903c2f70c93c505df87fe46e5e8cc53a9