Date Author Title

EXCEL 40 MACROS

2019-03-17Didier StevensVideo: Maldoc Analysis: Excel 4.0 Macro
2019-03-16Didier StevensMaldoc: Excel 4.0 Macros

EXCEL

2023-08-23/a>Xavier MertensMore Exotic Excel Files Dropping AgentTesla
2022-07-10/a>Guy BruneauExcel 4 Emotet Maldoc Analysis using CyberChef
2022-07-07/a>Brad DuncanEmotet infection with Cobalt Strike
2022-04-20/a>Brad Duncan"aa" distribution Qakbot (Qbot) infection with DarkVNC traffic
2022-04-06/a>Brad DuncanWindows MetaStealer Malware
2022-03-25/a>Xavier MertensXLSB Files: Because Binary is Stealthier Than XML
2022-01-22/a>Xavier MertensMixed VBA & Excel4 Macro In a Targeted Excel Sheet
2022-01-05/a>Xavier MertensCode Reuse In the Malware Landscape
2021-11-19/a>Xavier MertensDownloader Disguised as Excel Add-In (XLL)
2021-09-25/a>Didier StevensStrings Analysis: VBA & Excel4 Maldoc
2021-09-25/a>Didier StevensVideo: Strings Analysis: VBA & Excel4 Maldoc
2021-09-23/a>Xavier MertensExcel Recipe: Some VBA Code with a Touch of Excel4 Macro
2021-09-01/a>Brad DuncanSTRRAT: a Java-based RAT that doesn't care if you have Java
2021-03-03/a>Brad DuncanQakbot infection with Cobalt Strike
2021-02-28/a>Didier StevensMaldocs: Protection Passwords
2021-02-22/a>Didier StevensUnprotecting Malicious Documents For Inspection
2021-02-17/a>Brad DuncanMalspam pushing Trickbot gtag rob13
2021-02-03/a>Brad DuncanExcel spreadsheets push SystemBC malware
2021-01-20/a>Brad DuncanQakbot activity resumes after holiday break
2021-01-14/a>Bojan ZdrnjaDynamically analyzing a heavily obfuscated Excel 4 macro malicious file
2020-12-12/a>Didier StevensOffice 95 Excel 4 Macros
2020-12-09/a>Brad DuncanRecent Qakbot (Qbot) activity
2020-10-26/a>Didier StevensExcel 4 Macros: "Abnormal Sheet Visibility"
2020-08-26/a>Xavier MertensMalicious Excel Sheet with a NULL VT Score
2020-06-12/a>Xavier MertensMalicious Excel Delivering Fileless Payload
2020-06-01/a>Didier StevensXLMMacroDeobfuscator: An Update
2020-04-24/a>Xavier MertensMalicious Excel With a Strong Obfuscation and Sandbox Evasion
2020-04-05/a>Guy BruneauMaldoc XLS Invoice with Excel 4 Macros
2020-03-29/a>Didier StevensObfuscated Excel 4 Macros
2020-03-09/a>Didier StevensMalicious Spreadsheet With Data Connection and Excel 4 Macros
2020-03-06/a>Xavier MertensA Safe Excel Sheet Not So Safe
2020-02-24/a>Didier StevensMaldoc: Excel 4 Macros and VBA, Devil and Angel?
2020-02-23/a>Didier StevensMaldoc: Excel 4 Macros in OOXML Format
2019-11-08/a>Xavier MertensMicrosoft Apps Diverted from Their Main Use
2019-03-25/a>Didier Stevens"VelvetSweatshop" Maldocs: Shellcode Analysis
2019-03-23/a>Didier Stevens"VelvetSweatshop" Maldocs
2019-03-17/a>Didier StevensVideo: Maldoc Analysis: Excel 4.0 Macro
2019-03-16/a>Didier StevensMaldoc: Excel 4.0 Macros
2018-10-10/a>Xavier MertensNew Campaign Using Old Equation Editor Vulnerability
2018-09-28/a>Xavier MertensMore Excel DDE Code Injection
2018-05-22/a>Xavier MertensMalware Distributed via .slk Files
2018-02-02/a>Xavier MertensSimple but Effective Malicious XLS Sheet
2017-04-19/a>Xavier MertensHunting for Malicious Excel Sheets
2015-05-15/a>Didier StevensAnother Maldoc? I'm Afraid So...
2010-03-09/a>John BambenekMarch 2010 - Microsoft Patch Tuesday Diary
2009-07-13/a>Adrien de BeaupreVulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution

40

2022-08-26/a>Guy BruneauHTTP/2 Packet Analysis with Wireshark
2020-11-21/a>Guy BruneauVMware privilege escalation vulnerabilities (CVE-2020-4004, CVE-2020-4005) - https://www.vmware.com/security/advisories/VMSA-2020-0026.html
2019-03-17/a>Didier StevensVideo: Maldoc Analysis: Excel 4.0 Macro
2019-03-16/a>Didier StevensMaldoc: Excel 4.0 Macros
2017-07-19/a>Xavier MertensBots Searching for Keys & Config Files
2014-06-12/a>Johannes UllrichMetasploit now includes module to exploit CVE-2014-0195 (OpenSSL DTLS Fragment Vuln.)
2014-05-21/a>John BambenekNew, Unpatched IE 0 Day published at ZDI
2014-03-02/a>Stephen HallSymantec goes yellow
2012-04-12/a>Guy BruneauHP ProCurve 5400 zl Switch, Flash Cards Infected with Malware
2011-08-05/a>Johannes UllrichCommon Web Attacks. A quick 404 project update
2011-07-28/a>Johannes UllrichAnnouncing: The "404 Project"
2009-11-11/a>Rob VandenBrinkApple Safari 4.0.4 Released
2006-10-05/a>Swa FrantzenMS06-053 revisited ?
2006-08-31/a>Joel EslerMS06-040 Worm

MACROS

2022-04-20/a>Brad Duncan"aa" distribution Qakbot (Qbot) infection with DarkVNC traffic
2021-12-02/a>Brad DuncanTA551 (Shathak) pushes IcedID (Bokbot)
2021-09-01/a>Brad DuncanSTRRAT: a Java-based RAT that doesn't care if you have Java
2021-03-03/a>Brad DuncanQakbot infection with Cobalt Strike
2021-02-03/a>Brad DuncanExcel spreadsheets push SystemBC malware
2021-01-26/a>Brad DuncanTA551 (Shathak) Word docs push Qakbot (Qbot)
2021-01-20/a>Brad DuncanQakbot activity resumes after holiday break
2021-01-13/a>Brad DuncanHancitor activity resumes after a hoilday break
2020-12-09/a>Brad DuncanRecent Qakbot (Qbot) activity
2020-10-26/a>Didier StevensExcel 4 Macros: "Abnormal Sheet Visibility"
2020-10-14/a>Brad DuncanMore TA551 (Shathak) Word docs push IcedID (Bokbot)
2020-08-07/a>Brad DuncanTA551 (Shathak) Word docs push IcedID (Bokbot)
2020-07-15/a>Brad DuncanWord docs with macros for IcedID (Bokbot)
2020-07-10/a>Brad DuncanExcel spreasheet macro kicks off Formbook infection
2020-06-10/a>Brad DuncanJob application-themed malspam pushes ZLoader
2020-06-01/a>Didier StevensXLMMacroDeobfuscator: An Update
2020-05-20/a>Brad DuncanMicrosoft Word document with malicious macro pushes IcedID (Bokbot)
2020-04-05/a>Guy BruneauMaldoc XLS Invoice with Excel 4 Macros
2020-03-29/a>Didier StevensObfuscated Excel 4 Macros
2020-03-09/a>Didier StevensMalicious Spreadsheet With Data Connection and Excel 4 Macros
2020-02-24/a>Didier StevensMaldoc: Excel 4 Macros and VBA, Devil and Angel?
2020-02-23/a>Didier StevensMaldoc: Excel 4 Macros in OOXML Format
2019-06-18/a>Brad DuncanMalspam with password-protected Word docs pushing Dridex
2019-03-17/a>Didier StevensVideo: Maldoc Analysis: Excel 4.0 Macro
2019-03-16/a>Didier StevensMaldoc: Excel 4.0 Macros