Tag Archives: spearphish

Dissecting a Malicious Word Document

In a recent spearphish campaign, a malicious Word document was used to infect the email recipient. I was able to find an interesting tool and used it to recreate the Word document. Before we get to that, let’s do a …

Posted in Malicious Email, Tools | 16 Comments

Spear-Phish Leads to Cridex

I haven’t seen a spear-phish campaign like this in a while. This is a rather decent campaign as it contains the recipient’s full name and address. While the email contains some grammar errors, I think this has the potential to fool …

Posted in Malicious Email

PDF Analysis using PDFStreamDumper

PDFStreamDumper is a PDF analyzer developed by Sandsprite’s David Zimmer. He has added quite a bit of useful functions to make this an all-in-one, go-to tool as you’ll soon see. Here’s a spear-phish email that contains a malicious PDF file …

Posted in Malicious Email, Tools | 2 Comments

APEC SpearPhish

I was asked (and given permission) to publish this….. OVERVIEW A suspicious email was received on 10/26/2011 and targeted a single, key individual in the organization. The sender appeared to be from a Hawaii-based real estate company. The email was …

Posted in Malicious Email | 2 Comments