Marcus Edmondson | Threat Hunting | Information Security

A blog about threat hunting and information security.

Month: December 2018

APT34 OilrigThreeDollarsMacro.doc Analysis

So today I wanted to analyze a Microsoft Word document I downloaded from 0xffff0800's .onion website, http://iec56w4ibovnb4wc.onion, and just go through some quick triage steps to strip out some Indicators of Compromise (IOCs) if you needed to start scanning your environment quickly. So as usual, when I pull down a sample I will transfer it […]

MagicHoundAPT34 Word Doc Analysis

Today I wanted to do a blog post on a malicious Microsoft Word document that I pulled down from http://iec56w4ibovnb4wc.onion, which is @0xffff0800's repository of malware. It is definitely an excellent resource of malware. So far, from what I can tell in my analysis, this Word document is a downloader, but with that […]
