decalage2 / oletools

oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.
http://www.decalage.info/python/oletools

olevba - add VM detection keywords #50

Open decalage2 opened 8 years ago

decalage2 commented 8 years ago

See https://www.zscaler.com/blogs/research/malicious-documents-leveraging-new-anti-vm-anti-sandbox-techniques/

decalage2 commented 10 months ago

Also https://evasions.checkpoint.com/