Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: Video: Simple Analysis Of A CVE-2021-40444 .docx Document - SANS Internet Storm Center SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Video: Simple Analysis Of A CVE-2021-40444 .docx Document

I created a video for the analysis I described in my last diary entry "Simple Analysis Of A CVE-2021-40444 .docx Document".

I also cover another sample in that video, that is a bit harder to analyze (and has much lower detection rates on VT).

Remark that I always make sure that you can find the samples I analyze on Malware Bazaar too.

And here is the InQuest blog post I mention in the video: "Microsoft MSHTML Remote Code Execution Vulnerability".

The tools I use in this video: zipdump.py, re-search.py and xmldump.py.

 

Didier Stevens
Senior handler
Microsoft MVP
blog.DidierStevens.com

 DidierStevens

638 Posts
ISC Handler
Sep 19th 2021
Thread locked Subscribe Sep 19th 2021
7 months ago

Sign Up for Free or Log In to start participating in the conversation!