This is a new tool to recover the password of encrypted MS Office documents. I quickly put together this script to help with the analysis of encrypted, malicious documents. This tool relies completely on Python module msoffcrypto to decrypt MS Office … [Continue Reading]
Update: format-bytes.py Version 0.0.7
In this update, I added support for “run-length encoded” ASCII dump (-A), and X and S representation for strings: format-bytes_V0_0_7.zip (https) MD5: 58D3380B48593B3497AD04ACB1719CF3 SHA256: … [Continue Reading]
Parsing the Cozy Bear LNK File
November 2018 saw a Cozy Bear/APT29 campaign, discussed in FireEye's blog post regarding APT29 activity (from 19 Nov 2018), as well as in this Yoroi blog regarding the Cozy Bear campaign (from 21 Nov 2018). I found this particular campaign a bit … [Continue Reading]
- « Previous Page
- 1
- 2
- 3
- 4
- 5
- 6
- …
- 488
- Next Page »