Internet Storm Center
Sign In
Sign Up
SANS Network Security: Las Vegas Sept 4-9.
Handler on Duty:
Didier Stevens
Threat Level:
green
Date
Author
Title
2024-07-13
Didier Stevens
16-bit Hash Collisions in .xls Spreadsheets
2023-08-23
Xavier Mertens
More Exotic Excel Files Dropping AgentTesla
2022-07-10
Guy Bruneau
Excel 4 Emotet Maldoc Analysis using CyberChef
2022-07-07
Brad Duncan
Emotet infection with Cobalt Strike
2022-04-20
Brad Duncan
"aa" distribution Qakbot (Qbot) infection with DarkVNC traffic
2022-04-06
Brad Duncan
Windows MetaStealer Malware
2022-03-25
Xavier Mertens
XLSB Files: Because Binary is Stealthier Than XML
2022-01-22
Xavier Mertens
Mixed VBA & Excel4 Macro In a Targeted Excel Sheet
2022-01-05
Xavier Mertens
Code Reuse In the Malware Landscape
2021-11-19
Xavier Mertens
Downloader Disguised as Excel Add-In (XLL)
2021-09-25
Didier Stevens
Strings Analysis: VBA & Excel4 Maldoc
2021-09-25
Didier Stevens
Video: Strings Analysis: VBA & Excel4 Maldoc
2021-09-23
Xavier Mertens
Excel Recipe: Some VBA Code with a Touch of Excel4 Macro
2021-09-01
Brad Duncan
STRRAT: a Java-based RAT that doesn't care if you have Java
2021-03-03
Brad Duncan
Qakbot infection with Cobalt Strike
2021-02-28
Didier Stevens
Maldocs: Protection Passwords
2021-02-22
Didier Stevens
Unprotecting Malicious Documents For Inspection
2021-02-17
Brad Duncan
Malspam pushing Trickbot gtag rob13
2021-02-03
Brad Duncan
Excel spreadsheets push SystemBC malware
2021-01-20
Brad Duncan
Qakbot activity resumes after holiday break
2021-01-14
Bojan Zdrnja
Dynamically analyzing a heavily obfuscated Excel 4 macro malicious file
2020-12-12
Didier Stevens
Office 95 Excel 4 Macros
2020-12-09
Brad Duncan
Recent Qakbot (Qbot) activity
2020-10-26
Didier Stevens
Excel 4 Macros: "Abnormal Sheet Visibility"
2020-08-26
Xavier Mertens
Malicious Excel Sheet with a NULL VT Score
2020-06-12
Xavier Mertens
Malicious Excel Delivering Fileless Payload
2020-06-01
Didier Stevens
XLMMacroDeobfuscator: An Update
2020-04-24
Xavier Mertens
Malicious Excel With a Strong Obfuscation and Sandbox Evasion
2020-04-05
Guy Bruneau
Maldoc XLS Invoice with Excel 4 Macros
2020-03-29
Didier Stevens
Obfuscated Excel 4 Macros
2020-03-09
Didier Stevens
Malicious Spreadsheet With Data Connection and Excel 4 Macros
2020-03-06
Xavier Mertens
A Safe Excel Sheet Not So Safe
2020-02-24
Didier Stevens
Maldoc: Excel 4 Macros and VBA, Devil and Angel?
2020-02-23
Didier Stevens
Maldoc: Excel 4 Macros in OOXML Format
2019-11-08
Xavier Mertens
Microsoft Apps Diverted from Their Main Use
2019-03-25
Didier Stevens
"VelvetSweatshop" Maldocs: Shellcode Analysis
2019-03-23
Didier Stevens
"VelvetSweatshop" Maldocs
2019-03-17
Didier Stevens
Video: Maldoc Analysis: Excel 4.0 Macro
2019-03-16
Didier Stevens
Maldoc: Excel 4.0 Macros
2018-10-10
Xavier Mertens
New Campaign Using Old Equation Editor Vulnerability
2018-09-28
Xavier Mertens
More Excel DDE Code Injection
2018-05-22
Xavier Mertens
Malware Distributed via .slk Files
2018-02-02
Xavier Mertens
Simple but Effective Malicious XLS Sheet
2017-04-19
Xavier Mertens
Hunting for Malicious Excel Sheets
2015-05-15
Didier Stevens
Another Maldoc? I'm Afraid So...
2010-03-09
John Bambenek
March 2010 - Microsoft Patch Tuesday Diary
2009-07-13
Adrien de Beaupre
Vulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution
Homepage
Diaries
Podcasts
Jobs
Data
TCP/UDP Port Activity
Port Trends
SSH/Telnet Scanning Activity
Weblogs
Threat Feeds Activity
Threat Feeds Map
Useful InfoSec Links
Presentations & Papers
Research Papers
API
Tools
DShield Sensor
DNS Looking Glass
Honeypot (RPi/AWS)
InfoSec Glossary
Contact Us
Contact Us
About Us
Handlers
About Us
Slack Channel
Mastodon
Bluesky
X
Make the web a better place by
sharing the SANS Internet Storm Center
with others