A Deep Dive Into Malicious Documents

Hack In The Box Security Conference via YouTube

Overview

Dive deep into the world of malicious documents in this comprehensive conference talk from HITB2018AMS CommSec. Explore the anatomy of attacks leveraging Office documents, learn to analyze macros using Oledump and the Office IDE, and master debugging techniques. Uncover macro obfuscation methods and their use of Windows API, while understanding the social engineering aspects that ensure successful delivery. Examine the use of forms to store secondary content, including embedded executables and shellcode. Discover techniques for staging and executing shellcode, with a focus on process hollowing. Investigate macro utilization of PowerShell and VB Scripts, and explore creative ways to deobfuscate code. Learn about code execution without macros and attacks targeting OSX. Gain insights into the prevalence of Office documents in malware distribution attacks and prepare yourself to tackle any malicious document encountered in the wild.

Syllabus

Intro
Social Engineering and MACROS
Basic Concept of Operations
oledump
Office IDE
Debugging
Runtime Analysis
Sometimes Encounter Passwords
Social Engineering abounds
Embedded Content
Obfuscation
Windows API
Shellcode
process hollowing - DEMO
powershell

Taught by

Hack In The Box Security Conference
