brad-sp / cuckoo-modified

Modified edition of cuckoo

Problems analyzing Office 2007+ file #141

Closed dforce closed 9 years ago

dforce commented 9 years ago

File can be found here https://www.virustotal.com/en/file/7a7fb0b3b19ae02e8fc9cf56013806b61183d1595e72c4e13b3490268282b3d3/analysis/1430516278/

When analyzing this file there is no metadata information and there are almost no strings found (just 1).

Looking at the same file at malwr.com there is a lot more information (https://malwr.com/analysis/ODRlYThiNjM0NDkzNDcxOThmNTExZWVmMTM2MjliOTA/).

Can this problem be solved?

Thanks

brad-sp commented 9 years ago

Try it again with the latest version. I get plenty of information, including static analysis on the office file. That the strings listing is different is due to upstream's string grabbing method not requiring nul terminators, whereas we do by default to limit false positives. If you want the upstream behavior, there's a config option for it in processing.conf. I don't think the additional strings are useful in this case, as it's only showing OLE file structure, nothing really interesting.
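
The two string-grabbing behaviours discussed in this thread, as an added example that is not part of the thread and is not cuckoo-modified's own code: an extractor that keeps a printable run only when a NUL terminator follows it, next to one that keeps every printable run. The function name, the `nul_terminated_only` and `minchars` parameters, and the sample buffer are assumptions made for this illustration.

```python
import re


def extract_strings(data: bytes, minchars: int = 5,
                    nul_terminated_only: bool = True) -> list:
    """Return ASCII and UTF-16LE strings found in `data`.

    With nul_terminated_only=True a printable run is reported only when it is
    followed by a NUL terminator (one NUL for ASCII, two for UTF-16LE), which
    drops runs of binary data that merely happen to be printable.
    """
    n = str(minchars).encode()
    ascii_run = rb"([\x20-\x7e]{" + n + rb",})"
    wide_run = rb"((?:[\x20-\x7e]\x00){" + n + rb",})"
    if nul_terminated_only:
        ascii_run += rb"\x00"
        wide_run += rb"\x00\x00"
    found = [m.decode("ascii") for m in re.findall(ascii_run, data)]
    found += [m.decode("utf-16le") for m in re.findall(wide_run, data)]
    return found


# Constructed sample buffer (not taken from the file in this issue).
SAMPLE = (
    b"\xd0\xcf\x11\xe0"                               # binary header bytes
    + b"Project.ThisDocument\x00"                     # terminated ASCII string
    + b"\x07Wq#9z@\xfe"                               # printable by chance, no NUL
    + "VBA_PROJECT".encode("utf-16le") + b"\x00\x00"  # terminated wide string
    + b"\x90" + "Pk)x!".encode("utf-16le") + b"\x91"  # wide-looking noise, no NUL
)

if __name__ == "__main__":
    print("NUL-terminated only:", extract_strings(SAMPLE))
    print("any printable run:  ", extract_strings(SAMPLE, nul_terminated_only=False))
```

On the constructed buffer the strict mode returns only the two real strings, while the permissive mode also reports the two chance runs.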