MS Excel Malware Analysis

MD5: bcdadfdc16bcf022384c4631849e1396 File Type: Microsoft Excel File Extension: .xlsm File Name: BillINV-01364_CLIENT_Schedule.xlsm File Preview: I am analyzing excel file using OleTools to detect suspicious code and IOCs. > oleid <FileName> Oleid will help to know whether file has any embedded OLE/Flash objects,VBA macros Its clear from the above output of oelid, it has suspicious VBA… Read More MS Excel Malware Analysis

Word Macro Drops IcedID Trojan – Malware Analysis

HASH MD5: 4A88E83B325AA23DA1E4BFA90B4F7C34 File type: Office Open XML Document VT Score: 45/62 While I was going through report tracker, I came across this word document, I downloaded it for analysis. OleTools: I used OLETools to analyse the document macros. -a <file name> Indicators: Auto execute on opening document. May write a file to… Read More Word Macro Drops IcedID Trojan – Malware Analysis