Malware Devil

Sunday, January 10, 2021

Maldoc Analysis With CyberChef, (Sun, Jan 10th)

In diary entry “Maldoc Strings Analysis” I show how to analyze a malicious document by extracting and decoding strings with command-line tools.

In this video, I analyze the same malicious Word document, using CyberChef only. This is possible, because this particular maldoc contains a very long string with the payload, and this string can be extracted without parsing the structure of this .doc file.

I pasted the recipe on pastebin here.

Didier Stevens
Senior handler
Microsoft MVP
blog.DidierStevens.com DidierStevensLabs.com
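The extraction step described above (pulling the longest string out of the raw file bytes without parsing the .doc structure) can be sketched as follows; this is an added example, not the author's CyberChef recipe or code from the diary entry. The sample bytes and the names `extract_strings` and `longest_string` are constructed for illustration, and decoding the extracted string is left out because the page does not describe the payload's encoding.

```python
import re

def extract_strings(data: bytes, min_len: int = 8):
    """Yield (offset, encoding, text) for printable runs in raw bytes.

    Covers single-byte ASCII and UTF-16LE, the two forms in which text
    usually appears inside a .doc file.
    """
    ascii_re = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    utf16_re = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len)
    for m in ascii_re.finditer(data):
        yield m.start(), "ascii", m.group().decode("ascii")
    for m in utf16_re.finditer(data):
        yield m.start(), "utf-16le", m.group().decode("utf-16le")

def longest_string(data: bytes, min_len: int = 8):
    """Return the longest printable run, or None if there is none."""
    return max(extract_strings(data, min_len),
               key=lambda s: len(s[2]), default=None)

# Constructed sample: OLE magic bytes, non-printable filler, two short
# strings and one very long string standing in for the payload.
FILLER = bytes(range(32))            # 0x00-0x1f, never printable
PAYLOAD = "placeholder;" * 40        # harmless stand-in, 480 characters
SAMPLE = (
    b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1" + FILLER
    + b"Microsoft Word 97-2003 Document" + FILLER
    + "Normal.dotm".encode("utf-16le") + FILLER
    + PAYLOAD.encode("ascii") + FILLER
)

if __name__ == "__main__":
    offset, encoding, text = longest_string(SAMPLE)
    print(f"offset={offset} encoding={encoding} length={len(text)}")
    print(text[:60] + "...")
```
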

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
