Malware Analysis of an Emotet Word Document
April 19, 2024, 2:57 p.m. | Hüseyin EKŞİ
System Weakness - Medium systemweakness.com
In this blog post, I will show how to analyze a malicious Word document.
Resources
Sample:
- MD5: 29b48523e390bf2393796049d7042461
- SHA256: 26ba3fe65926140305a8fa605d09b8bd2fb8251648eac9b3165fb884a506e837
- Download Link: abuse.ch
- Anyrun link: any.run
Tools:
- Linux commands (I am using REMnux)
- oletools
- CyberChef
Getting started with static analysis
Download the zip file and extract it with a tool such as 7-Zip, using the password “infected”. Let’s also rename the document to something like “malwaredocument.docx”, which saves us from typing the SHA256 hash in the future.
Identify file type and metadata
We can …