Monthly Archives: November 2017
Peeling away the layers of a word document macro
The sample used in this one was first brought to my attention from the blog post by @HerbieZimmerman and the blog post is here. https://www.herbiez.com/?p=1028 and the link to the doc file is here https://www.hybrid-analysis.com/sample/0de3f4380b642e59d0cde5570ed13bfc727000b94a034ce10e1f87bfac3fac79?environmentId=100 This one peaked my interest … Continue reading
Posted in Malware, PowerShell, security, VBScript
Tagged Malware Analysis, PowerShell, VBScript
Comments Off on Peeling away the layers of a word document macro
De-obfuscating a PowerShell Script Obfuscated by Invoke-Obfuscation
Here I will be trying to deep dive on how the obfuscation works and what is required to de-obfuscate it. This sample comes from @James_inthe_box posted here https://twitter.com/James_inthe_box/status/928644055054946305 on November 9th 2017. Here is the link to the “pastebin” of … Continue reading
Posted in Malware, security
Tagged Decoding, Malware Analysis
Comments Off on De-obfuscating a PowerShell Script Obfuscated by Invoke-Obfuscation
PC's Xcetra Support 