We have added support for the Microsoft Office ActiveMime format. This format can be used to encapsulate Office documents and hide their contents during analysis. You can download the package from Cerbero Store.
Tag: Microsoft Office
OneNote Format Support
Microsoft OneNote is rising in popularity as a vector for malware. Therefore, all commercial licenses of Cerbero Suite can now download our “OneNote Format” package from Cerbero Store which parses the OneNote format and extracts embedded files.
Installing the package from Cerbero Store takes only a few mouse clicks.
Once the package is installed, you can directly inspect OneNote documents in Cerbero Suite and all embedded files are automatically extracted and ready to be inspected.
Video: 20-Seconds Excel Malware Analysis
This sample is encrypted and contains bogus code.
SHA256: 5B630BA4CB34C23C897084259AD3A00BF31A1E03B080AE7DE5D58B5E0F1EBF08
Source: InQuest.
In many cases following the code flow of Excel malware is not necessary: using the formula view and our Silicon Excel Emulator is often enough.