Internet Storm Center
Sign In
Sign Up
Watch ISC TV. Great for NOCs, SOCs and Living Rooms:
https://isctv.sans.edu
Handler on Duty:
Guy Bruneau
Threat Level:
green
Date
Author
Title
2022-07-10
Guy Bruneau
Excel 4 Emotet Maldoc Analysis using CyberChef
2022-07-07
Brad Duncan
Emotet infection with Cobalt Strike
2022-04-20
Brad Duncan
"aa" distribution Qakbot (Qbot) infection with DarkVNC traffic
2022-04-06
Brad Duncan
Windows MetaStealer Malware
2022-03-25
Xavier Mertens
XLSB Files: Because Binary is Stealthier Than XML
2022-01-22
Xavier Mertens
Mixed VBA & Excel4 Macro In a Targeted Excel Sheet
2022-01-05
Xavier Mertens
Code Reuse In the Malware Landscape
2021-11-19
Xavier Mertens
Downloader Disguised as Excel Add-In (XLL)
2021-09-25
Didier Stevens
Strings Analysis: VBA & Excel4 Maldoc
2021-09-25
Didier Stevens
Video: Strings Analysis: VBA & Excel4 Maldoc
2021-09-23
Xavier Mertens
Excel Recipe: Some VBA Code with a Touch of Excel4 Macro
2021-09-01
Brad Duncan
STRRAT: a Java-based RAT that doesn't care if you have Java
2021-03-03
Brad Duncan
Qakbot infection with Cobalt Strike
2021-02-28
Didier Stevens
Maldocs: Protection Passwords
2021-02-22
Didier Stevens
Unprotecting Malicious Documents For Inspection
2021-02-17
Brad Duncan
Malspam pushing Trickbot gtag rob13
2021-02-03
Brad Duncan
Excel spreadsheets push SystemBC malware
2021-01-20
Brad Duncan
Qakbot activity resumes after holiday break
2021-01-14
Bojan Zdrnja
Dynamically analyzing a heavily obfuscated Excel 4 macro malicious file
2020-12-12
Didier Stevens
Office 95 Excel 4 Macros
2020-12-09
Brad Duncan
Recent Qakbot (Qbot) activity
2020-10-26
Didier Stevens
Excel 4 Macros: "Abnormal Sheet Visibility"
2020-08-26
Xavier Mertens
Malicious Excel Sheet with a NULL VT Score
2020-06-12
Xavier Mertens
Malicious Excel Delivering Fileless Payload
2020-06-01
Didier Stevens
XLMMacroDeobfuscator: An Update
2020-04-24
Xavier Mertens
Malicious Excel With a Strong Obfuscation and Sandbox Evasion
2020-04-05
Guy Bruneau
Maldoc XLS Invoice with Excel 4 Macros
2020-03-29
Didier Stevens
Obfuscated Excel 4 Macros
2020-03-09
Didier Stevens
Malicious Spreadsheet With Data Connection and Excel 4 Macros
2020-03-06
Xavier Mertens
A Safe Excel Sheet Not So Safe
2020-02-24
Didier Stevens
Maldoc: Excel 4 Macros and VBA, Devil and Angel?
2020-02-23
Didier Stevens
Maldoc: Excel 4 Macros in OOXML Format
2019-11-08
Xavier Mertens
Microsoft Apps Diverted from Their Main Use
2019-03-25
Didier Stevens
"VelvetSweatshop" Maldocs: Shellcode Analysis
2019-03-23
Didier Stevens
"VelvetSweatshop" Maldocs
2019-03-17
Didier Stevens
Video: Maldoc Analysis: Excel 4.0 Macro
2019-03-16
Didier Stevens
Maldoc: Excel 4.0 Macros
2018-10-10
Xavier Mertens
New Campaign Using Old Equation Editor Vulnerability
2018-09-28
Xavier Mertens
More Excel DDE Code Injection
2018-05-22
Xavier Mertens
Malware Distributed via .slk Files
2018-02-02
Xavier Mertens
Simple but Effective Malicious XLS Sheet
2017-04-19
Xavier Mertens
Hunting for Malicious Excel Sheets
2015-05-15
Didier Stevens
Another Maldoc? I'm Afraid So...
2010-03-09
John Bambenek
March 2010 - Microsoft Patch Tuesday Diary
2009-07-13
Adrien de Beaupre
Vulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution
Homepage
Diaries
Podcasts
Jobs
Data
TCP/UDP Port Activity
Port Trends
SSH/Telnet Scanning Activity
Weblogs
Threat Feeds Activity
Threat Feeds Map
Useful InfoSec Links
Presentations & Papers
Research Papers
API
Tools
DShield Sensor
DNS Looking Glass
Honeypot (RPi/AWS)
InfoSec Glossary
Forums
Auditing
Diary Discussions
Forensics
General Discussions
Industry News
Network Security
Penetration Testing
Software Security
Contact Us
Contact Us
About Us
Handlers
Slack Channel
Mastodon
Twitter
Integrate
our data
into your projects