Skip to content
Github Twitter YouTube
Lost in Security (and mostly everything else)
Skip to content
  • About me
  • My GitHub Repos
  • Packet Analysis
  • SecurityOnion
  • Challenges
Home Posts tagged "Deobfuscation"

Tag: Deobfuscation

2022-05-13 Quick Remcos Deobfusction

Herbie Zimmerman May 17, 2022 May 17, 2022Code Deobfuscation, Remcos RAT 0

Summary ========= Decided that I would take a crack at trying to deobfuscate the VBScript that was in a sample of Remcos malspam since I haven’t been doing it for a long while. The VBScript can be found over at Any.Run inside a zip file (malspam attachment). I’ll do a…

Continue reading

Deobfuscating an Emotet MalDoc Script

Herbie Zimmerman December 5, 2017 December 5, 2017Code Deobfuscation, Emotet 0

So this post covers the malicious macro script that was found in an older writeup for Emotet which you can find here. While one could develop tools to help deobfuscate the macro script like @David Ledbetter did in his blog post, I wanted to show another way of doing it…

Continue reading

Powered by Nirvana & WordPress.