all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Quickpost: Analysis of PDF/ActiveMime Polyglot Maldocs

Add to bookmarks
Aug. 29, 2023, 10:56 a.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

jpcert reported a new type of maldoc: “MalDoc in PDF – Detection bypass by embedding a malicious Word file into a PDF file –“.


These maldocs are PDF files that embed a Word document (ActiveMime) in MIME format.


ActiveMime documents can be analyzed by combining my emldump.py tool and oledump.py.


ActiveMime documents were heavily obfuscated in the past, and this is also the case here. As emldump.py version 0.0.11 was only able to handle the obfuscation …

analysis bypass detection document documents file files maldoc maldoc in pdf maldocs malicious malware analysis mime oledump pdf polyglot quickpost tool word word document

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

How to Incorporate SAST, DAST, and SCA into the SDLC 10 hours ago | malware.news
application application security application security testing application security testing tools +12
Nslookup's Debug Options, (Sun, May 5th) 12 hours ago | malware.news
debug dns machine may +4
Pay up, or else? – Week in security with Tony Anscombe 1 day ago | malware.news
attack caught dilemma hard +10
Sintesi riepilogativa delle campagne malevole nella settimana del 27 Aprile – 3 Maggio 2024 1 day, 3 hours ago | malware.news
cert con cui dei +2
Malware Simulators cannot test Antivirus Software 1 day, 14 hours ago | malware.news
malware analysis topic
Ready2Run - Is dnSpy dead? 1 day, 14 hours ago | malware.news
malware analysis topic
Security above all else—expanding Microsoft’s Secure Future Initiative 1 day, 17 hours ago | malware.news
cyberattacks cybersecurity future high +11
FBI warns of email spoofing by North Korean threat actor Kimsuky 1 day, 20 hours ago | malware.news
actor article dmarc domains +16
You get a passkey, you get a passkey, everyone should get a passkey 1 day, 23 hours ago | malware.news
accounts can consumer cracked +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Security Analyst

@ Northwestern Memorial Healthcare | Chicago, IL, United States
View on infosec-jobs.com

GRC Analyst

@ Richemont | Shelton, CT, US
View on infosec-jobs.com

Security Specialist

@ Peraton | Government Site, MD, United States
View on infosec-jobs.com

Information Assurance Security Specialist (IASS)

@ OBXtek Inc. | United States
View on infosec-jobs.com

Cyber Security Technology Analyst

@ Airbus | Bengaluru (Airbus)
View on infosec-jobs.com

Vice President, Cyber Operations Engineer

@ BlackRock | LO9-London - Drapers Gardens
View on infosec-jobs.com
View more jobs