SANS Digital Forensics and Incident Response Blog: Author - Adam Kramer

Analyzing Shellcode Extracted from Malicious RTF Documents

During the analysis of malicious documents designed to exploit vulnerabilities in the programs which load them (thereby allowing the running of arbitrary code), it is often desirable to review any identified shellcode in a debugger. This allows an increased level of control and flexibility during the discovery of it's capabilities and how it implements the … Continue reading Analyzing Shellcode Extracted from Malicious RTF Documents