Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: Video: Malformed .docm File SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Video: Malformed .docm File

In diary entry "Obfuscated with a Simple 0x0A", Xavier discovers that a .docm file is a malformed ZIP file.

In the following video, I show how this file is malformed:

Didier Stevens
Senior handler
Microsoft MVP


597 Posts
ISC Handler
Apr 26th 2020

Sign Up for Free or Log In to start participating in the conversation!