

How-To: Installing Oledump in Windows
In this video, we’ll look into installing OLEDUMP in Microsoft Windows. Microsoft Office documents are a common vehicle used by malware...

Josh Stroschein
Feb 11, 2021 · 1 min read
37 views


Creating an IDA Python Plugin for Static XOR String Deobfuscation
In this video, we’ll explore a recent XLS document that drops and executes a DLL using RUNDLL32. The DLL is small and only used to...

Josh Stroschein
Jan 6, 2021 · 1 min read
282 views


Emotet Maldoc Analysis – Embedded DLL and CertUtil for Base64 Decoding
On 11/10/2020, AnyRun posted an Emotet maldoc that utilized CertUtil to decode a DLL payload that was used for unpacking and running the...

Josh Stroschein
Dec 2, 2020 · 1 min read
30 views