Word document analysis with oledump.py

It seems that macro based document are, again, used to spread malware. Even the Malware Protection Centre from Microsoft mentioned it recently. Seems like an old trick, but apparently works like a charm. Most probably users trust too much Office documents as they keep exchanging them multiple time per day as part of their business/private activities. Most malicious Office documents have a macro that actually download a malicious file. Let’s see a quick way to have a better view on what exactly is happening.

Continue reading “Word document analysis with oledump.py”