top of page
Josh Stroschein
Feb 11, 20211 min read
How-To: Installing Oledump in Windows
In this video, we’ll look into installing OLEDUMP in Microsoft Windows. Microsoft office documents are a common vehicle used by malware...
27 views
Josh Stroschein
Jan 6, 20211 min read
Creating an IDA Python Plugin for Static XOR String Deobfuscation
In this video, we’ll explore a recent XLS document that drops and executes a DLL using RUNDLL32. The DLL is small and only used to...
198 views
Josh Stroschein
Dec 2, 20201 min read
Emotet Maldoc Analysis – Embedded DLL and CertUtil for Base64 Decoding
On 11/10/2020, AnyRun posted an Emotet maldoc that utilized CertUtil to decode a DLL payload that was used for unpacking and running the...
25 views
bottom of page