
SANS ISC: Diaries by Keyword


| Date | Author | Title |
|------|--------|-------|
| 2019-12-09 | Didier Stevens | (Lazy) Sunday Maldoc Analysis |
| 2019-11-20 | Brad Duncan | Hancitor infection with Pony, Evil Pony, Ursnif, and Cobalt Strike |
| 2019-10-18 | Xavier Mertens | Quick Malicious VBS Analysis |
| 2019-09-12 | Xavier Mertens | Rig Exploit Kit Delivering VBScript |
| 2019-08-22 | Xavier Mertens | Simple Mimikatz & RDPWrapper Dropper |
| 2019-05-01 | Didier Stevens | VBA Office Document: Which Version? |
| 2019-02-14 | Xavier Mertens | Old H-Worm Delivered Through GitHub |
| 2019-02-10 | Didier Stevens | Video: Maldoc Analysis of the Weekend |
| 2019-02-09 | Didier Stevens | Maldoc Analysis of the Weekend |
| 2018-11-26 | Russ McRee | ViperMonkey: VBA maldoc deobfuscation |
| 2018-09-13 | Xavier Mertens | Malware Delivered Through MHT Files |
| 2018-08-24 | Xavier Mertens | Microsoft Publisher Files Delivering Malware |
| 2018-05-25 | Xavier Mertens | Antivirus Evasion? Easy as 1,2,3 |
| 2018-02-18 | Didier Stevens | Finding VBA signatures in .docm files |
| 2018-02-11 | Didier Stevens | Finding VBA signatures in Word documents |
| 2017-12-16 | Xavier Mertens | Microsoft Office VBA Macro Obfuscation via Metadata |
| 2017-11-15 | Xavier Mertens | If you want something done right, do it yourself! |
| 2017-11-07 | Xavier Mertens | Interesting VBA Dropper |
| 2017-08-26 | Didier Stevens | Malware analysis: searching for dots |
| 2017-07-08 | Xavier Mertens | A VBScript with Obfuscated Base64 Data |
| 2017-03-12 | Guy Bruneau | Honeypot Logs and Tracking a VBE Script |
| 2017-02-26 | Guy Bruneau | It is Tax Season - Watch out for Suspicious Attachment |
| 2016-12-24 | Didier Stevens | Pinging All The Way |
| 2016-11-18 | Didier Stevens | VBA Shellcode and Windows 10 |
| 2016-10-17 | Didier Stevens | Maldoc VBA Anti-Analysis: Video |
| 2016-10-16 | Didier Stevens | Analyzing Office Maldocs With Decoder.xls |
| 2016-10-15 | Didier Stevens | Maldoc VBA Anti-Analysis |
| 2016-09-26 | Didier Stevens | VBA and P-code |
| 2016-03-29 | Didier Stevens | VBE: Encoded VBS Script |
| 2016-03-07 | Xavier Mertens | Another Malicious Document, Another Way to Deliver Malicious Code |
| 2015-03-14 | Didier Stevens | Maldoc VBA Sandbox/Virtualization Detection |
| 2015-02-20 | Tom Webb | Fast analysis of a Tax Scam |
| 2013-11-19 | Johannes Ullrich | vBulletin.com Compromise - Possible 0-day |
| 2010-07-23 | Mark Hofman | vBulletin vB 3.8.6 vulnerability |
| 2010-03-01 | Mark Hofman | IE 0-day using .hlp files |
| 2008-04-03 | Bojan Zdrnja | Mixed (VBScript and JavaScript) obfuscation |