Monthly Archives: November 2017

Peeling away the layers of a word document macro

The sample used in this one was first brought to my attention from the blog post by @HerbieZimmerman  and the blog post is here. and the link to the doc file is here This one peaked my interest … Continue reading

Posted in Malware, PowerShell, security, VBScript | Tagged , ,

De-obfuscating a PowerShell Script Obfuscated by Invoke-Obfuscation

Here I will be trying to deep dive on how the obfuscation works and what is required to de-obfuscate it. This sample comes from @James_inthe_box posted here on November 9th 2017. Here is the link to the “pastebin” of … Continue reading

Posted in Malware, security | Tagged ,