In this article, we present our in-depth analysis of a malicious Microsoft Excel document (.xlm format) that we found in the wild. We show how existing open source tools can be utilized to carve out interesting artifacts. During our analysis, we also point out some tool limitations and present our solution to closing the gap. Ultimately, our goal is to orchestrate the carving of as many artifacts as possible, for robust threat detection and prevention.

The sample we'll dive into originally popped up on our RADAR a few weeks ago, just around the new year. It was received through one of our () YARA hunt rules that search for suspicious Microsoft Office documents. The initial sample and some relevant reports: