Analyzing Password Protected Documents

Recently, there has been an upsurge of an attacker, defending malicious office documents that they send to their victims. In this article, we will explore several different tools and methodologies that can be used to analyze such files.

Methods and tools:
1. Copy Macros.
2. Re-Save Without Password.
3. Decrypt with MSOffice-Crypt & Analyze w/ olevba|ViperMonkey.
4. Simply Open w/ LibreOffice.

The author of the blog describes these methods and prefers the first method, as he calls himself – a command-line junkie. In conclusion makes recommendations. Have a nice study.

More.

DISCLAIMER: THIS POST IS FOR INFORMATIONAL PURPOSES ONLY AND IS NOT TO BE CONSIDERED LEGAL ADVICE ON ANY SUBJECT MATTER. DIGITAL FORENSICS CORP. IS NOT A LAWFIRM AND DOES NOT PROVIDE LEGAL ADVICE OR SERVICES. By viewing posts, the reader understands there is no attorney-client relationship, the post should not be used as a substitute for legal advice from a licensed professional attorney, and readers are urged to consult their own legal counsel on any specific legal questions concerning a specific situation.

News

Analyzing Password Protected Documents

Read Next

USA Passes Take It Down Act: Fighting NCII at the Federal Level

Operation Artemis: FBI Arrests 22 in International Sextortion Crackdown

Digital Forensics Corp. Launches Pro Bono Initiative to Combat Sextortion Targeting Minors

Digital Forensics Corp. Launches 2025 Sextortion Study to Uncover the True Scope of a Growing Cybercrime