As I explained in blog post VBA Purging, VBA code contained in Module Streams is made up of compiled code (PerformanceCache) and source code (CompressedSourceCode). If you alter the compiled code (PerformanceCache) properly and leave the source code … [Continue Reading]
Update: base64dump.py Version 0.0.12
This new version of base64dump.py adds the following new features: encoding zxc (0x4D,0x5A,0x90,…) update for YARA rules update for –cut option option -A: run-length encoded HEX/ASCII dump warning when no encoding was selected environment variable … [Continue Reading]
Overview of Content Published in June
Here is an overview of content I published in June: Blog posts: add-admin: Tiny EXE To Add Administrative Account Update: translate.py Version 2.5.8 FalsePositive GitHub Repository VBA Purging YouTube videos: YARA’s BASE64 Strings Videoblog … [Continue Reading]
- « Previous Page
- 1
- …
- 3
- 4
- 5
- 6
- 7
- …
- 513
- Next Page »