Malware Analysis of an Emotet Word Document
April 19, 2024, 2:57 p.m. | Hüseyin EKŞİ
System Weakness - Medium systemweakness.com
In this blog post, I will show how to analyze a malicious Word document.
Resources
Sample:
- MD5: 29b48523e390bf2393796049d7042461
- SHA256: 26ba3fe65926140305a8fa605d09b8bd2fb8251648eac9b3165fb884a506e837
- Download Link: abuse.ch
- Anyrun link: any.run
Tools:
- Linux commands (I am using REMnux)
- oletools
- CyberChef
Getting started with static analysis
Download the zip file and extract it with a tool such as 7-Zip, using the password “infected”. Let’s also rename the document to something like “malwaredocument.docx”, which saves us from typing the SHA256 hash in later commands.
Identify file type and metadata
We can …