Word Macro Drops IcedID Trojan – Malware Analysis

HASH MD5: 4A88E83B325AA23DA1E4BFA90B4F7C34
File type: Office Open XML Document
VT Score: 45/62

While I was going through the Any.run report tracker, I came across this Word document and downloaded it for analysis.

OleTools: I used OLETools to analyse the document macros.

olevba.py -a <file name>

Indicators: Auto execute on opening document. May write a file to…

Word Macro Malware Analysis

SHA256: dd81d70fa14f0e95b8cd2fe86a9a21a264cbb4bb32d80c4195fc13ee6791b994
Sample Link: Beta.VirusBay.io
File Type: Microsoft Word
File Extension: .doc

I am going to use OLETools to analyse this Word document sample. For initial document analysis I rely on this tool; if you have read my earlier blog posts on Word macro analysis, you can see I have used this tool.

>>oleid.py <word…