Video: VBA Maldoc & UTF7 (APT-C-35), (Sun, Sep 4th)


I recorded a video for the maldoc analysis I did in diary entries “VBA Maldoc & UTF7 (APT-C-35)” and “Update: VBA Maldoc & UTF7 (APT-C-35)“.

The analysis of shellcode is a bit different in the video, compared to the 2 diary entries I wrote. There’s often more than one solution when doing maldoc analysis 🙂 .

Didier Stevens
Senior handler
Microsoft MVP

(c) SANS Internet Storm Center. Creative Commons Attribution-Noncommercial 3.0 United States License.

Photo Credit:

From Wikimedia Commons, the free media repository
English: The Information Security triad: CIA. Second version
Date 5 February 2022
Source This file was derived from: CIAJMK1209.png
Michel Bakni (1989–) Blue pencil.svg wikidata:Q81411358
I, the copyright holder of this work, hereby publish it under the following license:
w:en:Creative Commons
attribution share alike
This file is licensed under the Creative Commons Attribution-Share Alike 4.0 International license.

Reposted from SANS. View original.

Alex Post