Video: VBA Maldoc & UTF7 (APT-C-35), (Sun, Sep 4th)

CIAJMK1209-en
CIAJMK1209-en

I recorded a video for the maldoc analysis I did in diary entries “VBA Maldoc & UTF7 (APT-C-35)” and “Update: VBA Maldoc & UTF7 (APT-C-35)“.

The analysis of shellcode is a bit different in the video, compared to the 2 diary entries I wrote. There’s often more than one solution when doing maldoc analysis 🙂 .

Didier Stevens
Senior handler
Microsoft MVP
blog.DidierStevens.com

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Photo Credit:

File:CIAJMK1209-en.svg
From Wikimedia Commons, the free media repository
English: The Information Security triad: CIA. Second version
Date 5 February 2022
Source This file was derived from: CIAJMK1209.png
Author
Michel Bakni (1989–) Blue pencil.svg wikidata:Q81411358
Licensing
I, the copyright holder of this work, hereby publish it under the following license:
w:en:Creative Commons
attribution share alike
This file is licensed under the Creative Commons Attribution-Share Alike 4.0 International license.

Reposted from SANS. View original.

Alex Post