Quickie: String Analysis & Maldocs, (Fri, Dec 25th)

Yesterday, Xavier showed how to start analyzing a malicious Word document with my oledump.py tool.

Some time ago, I wrote a diary entry about string analysis: “Quickie: String Analysis is Still Useful“, and would like to remark that this is another method to start analyzing the maldoc Xavier mentioned yesterday:

Didier Stevens
Senior handler
Microsoft MVP
blog.DidierStevens.com DidierStevensLabs.com

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Reposted from SANS. View original.