Forum Discussion

wubzydadbod's avatar
wubzydadbod
Icon for Bronze II rankBronze II
2 months ago

Malicious Document Analysis: Dropper Analysis

I have completed up to question 6 on here and I can not get the python script to work. I have gone through and "fixed" the required portions but keep getting "modulenotfound: no module named 'oletools'". Any pointers on what I'm doing wrong and how to fix it would be appreciated.

  • So, when I did the lab (back in 2019) - I didn't keep such good notes (and I suspect the formatting may have changed a little anyway). My solution to get the powershell script didn't rely on a python script - I just used olevba, plus a grep and a couple of bash for loops to get the output... let me go check and see if it still works... 

  • TillyCorless's avatar
    TillyCorless
    Icon for Community Manager rankCommunity Manager

    Hi wubzydadbod I've asked internally for some support with your question and will come back to you. In the meantime, you may find that someone else in the community is able to help with your challenge. Thanks!

    • wubzydadbod's avatar
      wubzydadbod
      Icon for Bronze II rankBronze II

      i got it a different way but I would be interested in knowing what I was doing wrong in python

      • netcat's avatar
        netcat
        Icon for Bronze III rankBronze III

        You didn't do anything wrong, but the provided script doesn't work because it depends on a python package that is not available.

        Do a "pip freeze" and you'll see that there are many packages installed, but oletools is not listed there. You'll have similar issues with other old labs, because the operation system image was re-created (with a newer Linux or Windows version), but not all tools were re-installed.