Forum Discussion
jjdeno99
Bronze I
24 days agoIncident Response: Suspicious Email – Part 2 -Help Needed.
Hi, I'm currently trying to complete this lab but I'm stuck on step 10. I have tried to use the different tools at hand but I'm struggling to extract the VBA and getting the binaries for it. Any hel...
Sw33p
Bronze I
23 days agoHi there I managed to solve that Step by manually getting all the "DataDump" Decimalnumbers into one separate file then proceeding to change the Decimals to ASCII. With that you'll get a new file with partially readable Text.
I created a Pythonscript to change the Decimals to ASCII but I suspect oletools has the capability for this aswell, however I'm unfamiliar with them so I just scripted something. Maybe there is further oletools Labs which could provide the necessary background info.
Before this I used olevba to extract the Information of the Binary file.