Tag Archives: Office Documents

Excel 4 macro code obfuscation

Posted on November 16, 2021 by pcsxcetrasupport3

This sample comes from a Twitter thread located Here by Frost @fr0s7_ and appears to be “BazarLoader” Since this is a Xlsb file I usually just open it up in my Office 2010 Pro sandbox and then convert to Xlsm … Continue reading →

Posted in Uncategorized | Tagged Malware Analysis, Obfuscation, Office Documents | 1 Comment

A deeper look at Office documents flat style

Posted on July 27, 2021 by pcsxcetrasupport3

Over the last few years I have seen some samples that use the xml style of Word Documents with base64 encoded ActiveMime data. What started this was a recent Twitter post by HunterMaor @bit_dam Here where he was not able … Continue reading →

Posted in Malware, security, VBScript | Tagged Malware Analysis, Obfuscation, Office Documents | 1 Comment

A deeper look inside one of the new Emotet Malware Docs

Posted on September 20, 2019 by pcsxcetrasupport3

The sample here comes from a quick search supplied by ANY.RUN @anyrun_app of #emotet-doc to filter quickly on documents you want to look at. Twitter reference Here and the link to the file we are going to use Here. One … Continue reading →

Posted in Malware | Tagged Malware Analysis, Office Documents, Reverse Engineering, Security | Comments Off

	Week 21 – 2022… on Pealing back the layers of a b…
	Week 50 – 2021… on Peeling away the layers of obf…
	Week 47 – 2021… on Excel 4 macro code obfusc…
	Week 31 – 2021… on A deeper look at Office docume…
	More on Yara And Bui… on More on Yara And Building…

Tag Archives: Office Documents

Excel 4 macro code obfuscation

A deeper look at Office documents flat style

A deeper look inside one of the new Emotet Malware Docs

Recent Posts

Recent Comments

Archives

Categories

Meta