Here is an overview of content I published in February:

Blog posts:

Update: numbers-to-hex.py Version 0.0.2 Create Your Own CMD.XLS Update: translate.py Version 2.2.0 for Locky JavaScript Deobfuscation More Obfuscated MIME Type Files

SANS ISC Diary entries:

Locky: JavaScript Deobfuscation Tip: Quick Analysis of Office Maldoc

Here is an overview of content I published in January:

Blog posts:

BlackEnergy .XLS Dropper Puzzle Update: base64dump.py Version 0.0.4 Update: emldump.py Version 0.0.6 Update: xor-kpa.py Version 0.0.2 Update: cut-bytes.py Version 0.0.3

YouTube Videos:

xor-kpa.py: XOR Known-Plaintext Attack Creating CMD.XLS CMD.DLL: From DLL To VBA BlackEnergy .XLS Dropper

SANS ISC Diary entries:

Failure Is An Option A Tip For The Analysis Of MIME Files BlackEnergy .XLS Dropper Sigcheck and VirusTotal for Offline Machine Obfuscated MIME Files

Here is an overview of content I published in December:

Blog posts:

Windows Backup Privilege: CMD.EXE BruCON Spring Training 2016: Analysing Malicious Documents Update: oledump.py Version 0.0.22 MIME File With “Header” Maldoc GET Range SHA256 Code Signing and Microsoft

YouTube videos:

MIME File With Header Analysis Of A Corrupt OLE File

Videoblog posts:

SpiderMonkey: Dump MIME File With Header Analysis Of A Corrupt OLE File

SANS ISC Diary entries:

Use The Privilege Malfunctioning Malware