Threat Level: green Handler on Duty: Renato Marinho

SANS ISC: Diaries by Keyword Diaries by Keyword

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Date Author Title
2021-03-06Xavier MertensSpotting the Red Team on VirusTotal!
2021-02-05Xavier MertensVBA Macro Trying to Alter the Application Menus
2021-02-02Xavier MertensNew Example of XSL Script Processing aka "Mitre T1220"
2020-11-22Didier StevensQuick Tip: Extracting all VBA Code from a Maldoc - JSON Format
2020-11-15Didier Stevensoledump's ! Indicator
2020-11-08Didier StevensQuick Tip: Extracting all VBA Code from a Maldoc
2020-09-23Xavier MertensMalicious Word Document with Dynamic Content
2020-09-18Xavier MertensA Mix of Python & VBA in a Malicious Word Document
2020-08-31Didier StevensFinding The Original Maldoc
2020-08-29Didier StevensMalicious Excel Sheet with a NULL VT Score: More Info
2020-08-26Xavier MertensMalicious Excel Sheet with a NULL VT Score
2020-08-03Xavier MertensPowershell Bot with Multiple C2 Protocols
2020-07-26Didier StevensCracking Maldoc VBA Project Passwords
2020-07-13Didier StevensVBA Project Passwords
2020-07-12Didier StevensMaldoc: VBA Purging Example
2020-02-24Didier StevensMaldoc: Excel 4 Macros and VBA, Devil and Angel?
2019-12-28Didier StevensCorrupt Office Documents
2019-12-23Didier StevensNew plugin: plugin_version_vba
2019-12-22Didier StevensExtracting VBA Macros From .DWG Files
2019-12-16Didier StevensMalicious .DWG Files?
2019-12-09Didier Stevens(Lazy) Sunday Maldoc Analysis
2019-05-01Didier StevensVBA Office Document: Which Version?
2019-02-10Didier StevensVideo: Maldoc Analysis of the Weekend
2019-02-09Didier StevensMaldoc Analysis of the Weekend
2018-11-26Russ McReeViperMonkey: VBA maldoc deobfuscation
2018-08-24Xavier MertensMicrosoft Publisher Files Delivering Malware
2018-02-18Didier StevensFinding VBA signatures in .docm files
2018-02-11Didier StevensFinding VBA signatures in Word documents
2017-12-16Xavier MertensMicrosoft Office VBA Macro Obfuscation via Metadata
2017-11-15Xavier MertensIf you want something done right, do it yourself!
2017-11-07Xavier MertensInteresting VBA Dropper
2017-02-26Guy BruneauIt is Tax Season - Watch out for Suspicious Attachment
2016-12-24Didier StevensPinging All The Way
2016-11-18Didier StevensVBA Shellcode and Windows 10
2016-10-17Didier StevensMaldoc VBA Anti-Analysis: Video
2016-10-16Didier StevensAnalyzing Office Maldocs With Decoder.xls
2016-10-15Didier StevensMaldoc VBA Anti-Analysis
2016-09-26Didier StevensVBA and P-code
2016-03-07Xavier MertensAnother Malicious Document, Another Way to Deliver Malicious Code
2015-03-14Didier StevensMaldoc VBA Sandbox/Virtualization Detection