Reader Jan Hugo submitted a malicious spreadsheet (MD5 942e941ed7344ffc691f569083949a31). It has some aspects that I want to highlight in this diary entry. oledump.py can be used to analyze it:
def Substitute(number): key = [ord(char) for char in 'qwertyuiopasdfghjklzxcvbnm/"\'()[]${}.,\\;-%_|: 1234567890'] if not number in key: return None return key[(key.index(number) - 9) % len(key)]
Didier Stevens |
DidierStevens 639 Posts ISC Handler Oct 1st 2018 |
Thread locked Subscribe |
Oct 1st 2018 3 years ago |
This is great for learning, thanks for the video.
|
Anonymous |
Quote |
Oct 11th 2018 3 years ago |
Sign Up for Free or Log In to start participating in the conversation!