Forum Discussion
Malicious Document Analysis: Dropper Analysis
I need help with this lab. I'm going through the Malicious Document Analysis section of the Incident Response badge. It goes from "use olevba" to analyse documents to wanting you to edit a Python script to manually de-obfuscate files. There's no guidance on doing this within the lab, and the lab doesn't refer you to anywhere else you can learn or get information that will help with this lab. I don't want the answers or my hand held, but a pointer in the right direction within the lab would be nice.
Are there any other labs people recommend that may help prepare me for this one?
1 Reply
- SamDickison
Community Manager
Hey Lumb3rH4ck, if you want to build foundational skills for this, I recommend checking out the Python Scripting for Malware Analysis series or Malicious Document Analysis: Visual Basic for Applications (VBA) to get comfortable with handling obfuscated logic and streams.