Analyzing Malicious OneNote Documents

About a week ago, I was asked if I had tools for OneNote files. I don’t, and I had no time to take a closer look. But last Thursday night, I had some time to take a look. I looked at this OneNote maldoc sample. I opened the file in the binary editor I use often (010 Editor): I expected to see some magic header, a...

6d

Analyzing Malicious OneNote Documents

About a week ago, I was asked if I had tools for OneNote files. I don’t, and I had no time to take a closer look. But last Thursday night, I had some time to take a look. I looked at this OneNote maldoc sample. I opened the file in the binary editor I use often (010 Editor): I expected to see some magic header, a...

6d

Update: process-binary-file Version 0.0.8

New functions and classes have been added to process-binary-file.py. python-templates_V0_0_9.zip (http)MD5: 7C5E8602F225735015E9A431C5818762SHA256: CAEEEBB1E402E5127A431446A01BBE607B22AA0EB1F6FA12B8E7703275BE6F15

6d

New Tool: onedump.py

This is a new tool (based on my Python template for binary files) to analyze OneNote files. This version is limited to handling embedded files (for the moment). As I might still make significant changes to the user interface, I’ve put this tool in my GitHub beta repository.

6d

Update: process-binary-file Version 0.0.8

New functions and classes have been added to process-binary-file.py. python-templates_V0_0_9.zip (http)MD5: 7C5E8602F225735015E9A431C5818762SHA256: CAEEEBB1E402E5127A431446A01BBE607B22AA0EB1F6FA12B8E7703275BE6F15

6d

New Tool: onedump.py

This is a new tool (based on my Python template for binary files) to analyze OneNote files. This version is limited to handling embedded files (for the moment). As I might still make significant changes to the user interface, I’ve put this tool in my GitHub beta repository.

6d

Overview of Content Published in 2022

Here is an overview of content I published in 2022: Blog posts: Update: jpegdump.py Version 0.0.9 Windows Explorer: Improper Exif Data Removal Beta: smtp-honeypot.py Update: oledump.py Version 0.0.63 Update: 1768.py Version 0.0.12 Update: oledump.py Version 0.0.64 New Tool: xlsbdump.py spring4shell Capture File Power Consumption...

4w

Overview of Content Published in 2022

Here is an overview of content I published in 2022: Blog posts: Update: jpegdump.py Version 0.0.9 Windows Explorer: Improper Exif Data Removal Beta: smtp-honeypot.py Update: oledump.py Version 0.0.63 Update: 1768.py Version 0.0.12 Update: oledump.py Version 0.0.64 New Tool: xlsbdump.py spring4shell Capture File Power Consumption...

4w

Overview of Content Published in December

Here is an overview of content I published in December: Blog posts: Update: python-per-line.py Version 0.0.9 Extracting Certificates For Defender Update: count.py Version 0.3.1 Update: hash.py Version 0.0.9 Update: virustotal-search.py Version 0.1.8 Update: zipdump.py Version 0.0.23 New tool: teeplus.py Update: filescanner...

4w

Overview of Content Published in December

Here is an overview of content I published in December: Blog posts: Update: python-per-line.py Version 0.0.9 Extracting Certificates For Defender Update: count.py Version 0.3.1 Update: hash.py Version 0.0.9 Update: virustotal-search.py Version 0.1.8 Update: zipdump.py Version 0.0.23 New tool: teeplus.py Update: filescanner...

4w