Good news ! Hackbusters community is waiting for you !
KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! The forum is divided into four main topics or categories: Social Engineering, Ransomware, Phishing and Security Awareness Training. You are invited to be one of the first to join us at:

Analysis of a Maldoc with Multiple Layers of Obfuscation, (Fri, Apr 21st)


Thanks to our readers, we get often interesting samples to analyze. This time, Frederick sent us a malicious Microsoft Word document called "Invoice_6083.doc" (which was delivered in a zip archive). I had a quick lookat it and it was interesting enough for a quick diary.

viper Invoice_6083.doc > info +----------+---------------------------------------------------------------------------------------+ | Key | Value | +----------+---------------------------------------------------------------------------------------+ | Name | Invoice_6083.doc | | Tags | isc | | Path | /home/nonroot/.viper/binaries/d/6/8/7/d687ee9fe3b034dcd1e53fb37e2b26bc60e74ff505808b5 | | | 77f2c633d5549e422 | | Size | 626688 | | Type | Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, Code | | | page: 1252, Author: VICTOR PC, Template: Normal.dotm, Last Saved By: VICTOR PC, | | | Revision Number: 2, Name of Creating Application: Microsoft Office Word, Total | | | Editing...(continued)
View All Trending Stories