Internet Storm Center
Sign In
Sign Up
Handler on Duty:
Didier Stevens
Threat Level:
green
Date
Author
Title
EXCEL 40 MACROS
2019-03-17
Didier Stevens
Video: Maldoc Analysis: Excel 4.0 Macro
2019-03-16
Didier Stevens
Maldoc: Excel 4.0 Macros
EXCEL
2024-07-13/a>
Didier Stevens
16-bit Hash Collisions in .xls Spreadsheets
2023-08-23/a>
Xavier Mertens
More Exotic Excel Files Dropping AgentTesla
2022-07-10/a>
Guy Bruneau
Excel 4 Emotet Maldoc Analysis using CyberChef
2022-07-07/a>
Brad Duncan
Emotet infection with Cobalt Strike
2022-04-20/a>
Brad Duncan
"aa" distribution Qakbot (Qbot) infection with DarkVNC traffic
2022-04-06/a>
Brad Duncan
Windows MetaStealer Malware
2022-03-25/a>
Xavier Mertens
XLSB Files: Because Binary is Stealthier Than XML
2022-01-22/a>
Xavier Mertens
Mixed VBA & Excel4 Macro In a Targeted Excel Sheet
2022-01-05/a>
Xavier Mertens
Code Reuse In the Malware Landscape
2021-11-19/a>
Xavier Mertens
Downloader Disguised as Excel Add-In (XLL)
2021-09-25/a>
Didier Stevens
Strings Analysis: VBA & Excel4 Maldoc
2021-09-25/a>
Didier Stevens
Video: Strings Analysis: VBA & Excel4 Maldoc
2021-09-23/a>
Xavier Mertens
Excel Recipe: Some VBA Code with a Touch of Excel4 Macro
2021-09-01/a>
Brad Duncan
STRRAT: a Java-based RAT that doesn't care if you have Java
2021-03-03/a>
Brad Duncan
Qakbot infection with Cobalt Strike
2021-02-28/a>
Didier Stevens
Maldocs: Protection Passwords
2021-02-22/a>
Didier Stevens
Unprotecting Malicious Documents For Inspection
2021-02-17/a>
Brad Duncan
Malspam pushing Trickbot gtag rob13
2021-02-03/a>
Brad Duncan
Excel spreadsheets push SystemBC malware
2021-01-20/a>
Brad Duncan
Qakbot activity resumes after holiday break
2021-01-14/a>
Bojan Zdrnja
Dynamically analyzing a heavily obfuscated Excel 4 macro malicious file
2020-12-12/a>
Didier Stevens
Office 95 Excel 4 Macros
2020-12-09/a>
Brad Duncan
Recent Qakbot (Qbot) activity
2020-10-26/a>
Didier Stevens
Excel 4 Macros: "Abnormal Sheet Visibility"
2020-08-26/a>
Xavier Mertens
Malicious Excel Sheet with a NULL VT Score
2020-06-12/a>
Xavier Mertens
Malicious Excel Delivering Fileless Payload
2020-06-01/a>
Didier Stevens
XLMMacroDeobfuscator: An Update
2020-04-24/a>
Xavier Mertens
Malicious Excel With a Strong Obfuscation and Sandbox Evasion
2020-04-05/a>
Guy Bruneau
Maldoc XLS Invoice with Excel 4 Macros
2020-03-29/a>
Didier Stevens
Obfuscated Excel 4 Macros
2020-03-09/a>
Didier Stevens
Malicious Spreadsheet With Data Connection and Excel 4 Macros
2020-03-06/a>
Xavier Mertens
A Safe Excel Sheet Not So Safe
2020-02-24/a>
Didier Stevens
Maldoc: Excel 4 Macros and VBA, Devil and Angel?
2020-02-23/a>
Didier Stevens
Maldoc: Excel 4 Macros in OOXML Format
2019-11-08/a>
Xavier Mertens
Microsoft Apps Diverted from Their Main Use
2019-03-25/a>
Didier Stevens
"VelvetSweatshop" Maldocs: Shellcode Analysis
2019-03-23/a>
Didier Stevens
"VelvetSweatshop" Maldocs
2019-03-17/a>
Didier Stevens
Video: Maldoc Analysis: Excel 4.0 Macro
2019-03-16/a>
Didier Stevens
Maldoc: Excel 4.0 Macros
2018-10-10/a>
Xavier Mertens
New Campaign Using Old Equation Editor Vulnerability
2018-09-28/a>
Xavier Mertens
More Excel DDE Code Injection
2018-05-22/a>
Xavier Mertens
Malware Distributed via .slk Files
2018-02-02/a>
Xavier Mertens
Simple but Effective Malicious XLS Sheet
2017-04-19/a>
Xavier Mertens
Hunting for Malicious Excel Sheets
2015-05-15/a>
Didier Stevens
Another Maldoc? I'm Afraid So...
2010-03-09/a>
John Bambenek
March 2010 - Microsoft Patch Tuesday Diary
2009-07-13/a>
Adrien de Beaupre
Vulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution
40
2022-08-26/a>
Guy Bruneau
HTTP/2 Packet Analysis with Wireshark
2020-11-21/a>
Guy Bruneau
VMware privilege escalation vulnerabilities (CVE-2020-4004, CVE-2020-4005) - https://www.vmware.com/security/advisories/VMSA-2020-0026.html
2019-03-17/a>
Didier Stevens
Video: Maldoc Analysis: Excel 4.0 Macro
2019-03-16/a>
Didier Stevens
Maldoc: Excel 4.0 Macros
2017-07-19/a>
Xavier Mertens
Bots Searching for Keys & Config Files
2014-06-12/a>
Johannes Ullrich
Metasploit now includes module to exploit CVE-2014-0195 (OpenSSL DTLS Fragment Vuln.)
2014-05-21/a>
John Bambenek
New, Unpatched IE 0 Day published at ZDI
2014-03-02/a>
Stephen Hall
Symantec goes yellow
2012-04-12/a>
Guy Bruneau
HP ProCurve 5400 zl Switch, Flash Cards Infected with Malware
2011-08-05/a>
Johannes Ullrich
Common Web Attacks. A quick 404 project update
2011-07-28/a>
Johannes Ullrich
Announcing: The "404 Project"
2009-11-11/a>
Rob VandenBrink
Apple Safari 4.0.4 Released
2006-10-05/a>
Swa Frantzen
MS06-053 revisited ?
2006-08-31/a>
Joel Esler
MS06-040 Worm
MACROS
2022-04-20/a>
Brad Duncan
"aa" distribution Qakbot (Qbot) infection with DarkVNC traffic
2021-12-02/a>
Brad Duncan
TA551 (Shathak) pushes IcedID (Bokbot)
2021-09-01/a>
Brad Duncan
STRRAT: a Java-based RAT that doesn't care if you have Java
2021-03-03/a>
Brad Duncan
Qakbot infection with Cobalt Strike
2021-02-03/a>
Brad Duncan
Excel spreadsheets push SystemBC malware
2021-01-26/a>
Brad Duncan
TA551 (Shathak) Word docs push Qakbot (Qbot)
2021-01-20/a>
Brad Duncan
Qakbot activity resumes after holiday break
2021-01-13/a>
Brad Duncan
Hancitor activity resumes after a hoilday break
2020-12-09/a>
Brad Duncan
Recent Qakbot (Qbot) activity
2020-10-26/a>
Didier Stevens
Excel 4 Macros: "Abnormal Sheet Visibility"
2020-10-14/a>
Brad Duncan
More TA551 (Shathak) Word docs push IcedID (Bokbot)
2020-08-07/a>
Brad Duncan
TA551 (Shathak) Word docs push IcedID (Bokbot)
2020-07-15/a>
Brad Duncan
Word docs with macros for IcedID (Bokbot)
2020-07-10/a>
Brad Duncan
Excel spreasheet macro kicks off Formbook infection
2020-06-10/a>
Brad Duncan
Job application-themed malspam pushes ZLoader
2020-06-01/a>
Didier Stevens
XLMMacroDeobfuscator: An Update
2020-05-20/a>
Brad Duncan
Microsoft Word document with malicious macro pushes IcedID (Bokbot)
2020-04-05/a>
Guy Bruneau
Maldoc XLS Invoice with Excel 4 Macros
2020-03-29/a>
Didier Stevens
Obfuscated Excel 4 Macros
2020-03-09/a>
Didier Stevens
Malicious Spreadsheet With Data Connection and Excel 4 Macros
2020-02-24/a>
Didier Stevens
Maldoc: Excel 4 Macros and VBA, Devil and Angel?
2020-02-23/a>
Didier Stevens
Maldoc: Excel 4 Macros in OOXML Format
2019-06-18/a>
Brad Duncan
Malspam with password-protected Word docs pushing Dridex
2019-03-17/a>
Didier Stevens
Video: Maldoc Analysis: Excel 4.0 Macro
2019-03-16/a>
Didier Stevens
Maldoc: Excel 4.0 Macros
Homepage
Diaries
Podcasts
Jobs
Data
TCP/UDP Port Activity
Port Trends
SSH/Telnet Scanning Activity
Weblogs
Threat Feeds Activity
Threat Feeds Map
Useful InfoSec Links
Presentations & Papers
Research Papers
API
Tools
DShield Sensor
DNS Looking Glass
Honeypot (RPi/AWS)
InfoSec Glossary
Contact Us
Contact Us
About Us
Handlers
About Us
Slack Channel
Mastodon
Bluesky
X
The Internet Storm Center is a community for everyone, so
join the conversation