Threat Level: green Handler on Duty: Renato Marinho

SANS ISC: Diaries by Keyword Diaries by Keyword

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Date Author Title
2020-08-06Xavier MertensA Fork of the FTCode Powershell Ransomware
2020-08-03Xavier MertensPowershell Bot with Multiple C2 Protocols
2020-07-26Didier StevensCracking Maldoc VBA Project Passwords
2020-07-13Didier StevensVBA Project Passwords
2020-07-12Didier StevensMaldoc: VBA Purging Example
2020-05-13Brad DuncanMalspam with links to zip archives pushes Dridex malware
2020-04-08Brad DuncanGerman malspam pushes ZLoader malware
2020-03-25Brad DuncanRecent Dridex activity
2020-02-24Didier StevensMaldoc: Excel 4 Macros and VBA, Devil and Angel?
2020-02-22Xavier MertensSimple but Efficient VBScript Obfuscation
2020-02-07Xavier MertensSandbox Detection Tricks & Nice Obfuscation in a Single VBScript
2019-12-28Didier StevensCorrupt Office Documents
2019-12-23Didier StevensNew plugin: plugin_version_vba
2019-12-22Didier StevensExtracting VBA Macros From .DWG Files
2019-12-16Didier StevensMalicious .DWG Files?
2019-12-09Didier Stevens(Lazy) Sunday Maldoc Analysis
2019-11-20Brad DuncanHancitor infection with Pony, Evil Pony, Ursnif, and Cobalt Strike
2019-10-18Xavier MertensQuick Malicious VBS Analysis
2019-09-12Xavier MertensRig Exploit Kit Delivering VBScript
2019-08-22Xavier MertensSimple Mimikatz & RDPWrapper Dropper
2019-05-01Didier StevensVBA Office Document: Which Version?
2019-02-14Xavier MertensOld H-Worm Delivered Through GitHub
2019-02-10Didier StevensVideo: Maldoc Analysis of the Weekend
2019-02-09Didier StevensMaldoc Analysis of the Weekend
2018-11-26Russ McReeViperMonkey: VBA maldoc deobfuscation
2018-09-13Xavier MertensMalware Delivered Through MHT Files
2018-08-24Xavier MertensMicrosoft Publisher Files Delivering Malware
2018-05-25Xavier MertensAntivirus Evasion? Easy as 1,2,3
2018-02-18Didier StevensFinding VBA signatures in .docm files
2018-02-11Didier StevensFinding VBA signatures in Word documents
2017-12-16Xavier MertensMicrosoft Office VBA Macro Obfuscation via Metadata
2017-11-15Xavier MertensIf you want something done right, do it yourself!
2017-11-07Xavier MertensInteresting VBA Dropper
2017-08-26Didier StevensMalware analysis: searching for dots
2017-07-08Xavier MertensA VBScript with Obfuscated Base64 Data
2017-03-12Guy BruneauHoneypot Logs and Tracking a VBE Script
2017-02-26Guy BruneauIt is Tax Season - Watch out for Suspicious Attachment
2016-12-24Didier StevensPinging All The Way
2016-11-18Didier StevensVBA Shellcode and Windows 10
2016-10-17Didier StevensMaldoc VBA Anti-Analysis: Video
2016-10-16Didier StevensAnalyzing Office Maldocs With Decoder.xls
2016-10-15Didier StevensMaldoc VBA Anti-Analysis
2016-09-26Didier StevensVBA and P-code
2016-03-29Didier StevensVBE: Encoded VBS Script
2016-03-07Xavier MertensAnother Malicious Document, Another Way to Deliver Malicious Code
2015-03-14Didier StevensMaldoc VBA Sandbox/Virtualization Detection
2015-02-20Tom WebbFast analysis of a Tax Scam
2013-11-19Johannes Compromise - Possible 0-day
2010-07-23Mark HofmanvBulletin vB 3.8.6 vulnerability
2010-03-01Mark HofmanIE 0-day using .hlp files
2008-04-03Bojan ZdrnjaMixed (VBScript and JavaScript) obfuscation