"How to Extract Flash Objects From Malicious MS Office Documents"

Authors of malicious Microsoft Office documents can execute code on the victim's system using several techniques, including VB macros and exploits. Another approach, which has been growing in popularity, involves embedding Flash programs in the Office document. These Flash programs can download or directly incorporate additional malicious code without the victim's knowledge. This note demonstrates several steps for extracting malicious Flash objects from Microsoft Office document files so that you can analyze them. We take a brief look at using the strings, Pyew, hachoir-subfile, xxxswf.py and extract_swf.py tools for this purpose.
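A minimal signature-based SWF carver for the same task, as an added example (it is not code from the original article or from any of the tools named above). The function names, the two sanity bounds and the sample container are assumptions constructed for illustration; LZMA-compressed `ZWS` files are not handled.

```python
import struct
import zlib

MAX_VERSION = 50          # assumption: sanity bound on the SWF version byte
MAX_LENGTH = 64 * 2**20   # assumption: never inflate more than 64 MiB

def parse_candidate(blob, pos):
    """Validate a signature hit at pos; return an uncompressed SWF or None."""
    if pos + 8 > len(blob):
        return None
    # SWF header: 3-byte signature, 1-byte version, 4-byte LE uncompressed length
    sig, version, length = struct.unpack_from("<3sBI", blob, pos)
    if not 1 <= version <= MAX_VERSION or not 8 < length <= MAX_LENGTH:
        return None
    if sig == b"FWS":
        body = blob[pos + 8:pos + length]
    else:  # CWS: everything after the 8-byte header is a zlib stream
        inflater = zlib.decompressobj()
        try:
            # cap output one byte past the declared size to spot overruns
            body = inflater.decompress(blob[pos + 8:], length - 8 + 1)
        except zlib.error:
            return None
    if len(body) != length - 8:   # truncated, or declared length is a lie
        return None
    return b"FWS" + blob[pos + 3:pos + 8] + body

def carve_swf(blob):
    """Return [(offset, signature, swf_bytes)] for each plausible embedded SWF."""
    hits = []
    for magic in (b"FWS", b"CWS"):
        pos = blob.find(magic)
        while pos != -1:
            swf = parse_candidate(blob, pos)
            if swf is not None:
                hits.append((pos, magic.decode(), swf))
            pos = blob.find(magic, pos + 1)
    return sorted(hits)

def build_sample():
    """Constructed input: filler bytes, two embedded SWFs and a bad-version decoy."""
    body = b"\x78\x00\x05\x5f\x00\x00\x0f\xa0\x00" + b"\x00" * 32  # dummy body
    header = struct.pack("<BI", 10, 8 + len(body))
    plain = b"FWS" + header + body
    packed = b"CWS" + header + zlib.compress(body)
    decoy = b"FWS\xff\xff\xff\xff\xff"
    return b"\xd0\xcf\x11\xe0" + b"A" * 60 + plain + b"B" * 16 + packed + decoy, plain

if __name__ == "__main__":
    for offset, sig, swf in carve_swf(build_sample()[0]):
        print(f"{sig} at offset {offset}: {len(swf)} bytes uncompressed")
```

Checking the version byte and the declared length against the recovered body is what filters out incidental `FWS`/`CWS` byte sequences in the container.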
