EvilZone

Hacking and Security => Reverse Engineering => : Deque January 25, 2016, 01:33:46 PM

: [Medium Challenge] Obfuscated Word Samples
: Deque January 25, 2016, 01:33:46 PM

Hello reverse engineers.

I stumbled over some obfuscated Macro malware. I will put this here so you can try your luck on deobfuscating these to find out what they do.

Caution: These archives contain live malware!

88ba1e745434e08f91a8b54dbf5a21dc99b886301116dee491f42a7042eae35c.zip (http://upload.evilzone.org?page=download&file=A3Crgrj6pdvqiNLifVlcOkARVH5aiNTorTM8Z9QKJBJcfnyCsq)

92f733da9ba440f0632b495a32742d47a5cb296f49127f210e14de412e371bf8.zip (http://upload.evilzone.org?page=download&file=yt2eXAhDCUXyuNbQrcXNes80cdfenG6Kc4l9q11I7i51LDpwp2)

The password is "infected" (without quotes).

Write back here what you found out and how. This tutorial (https://evilzone.org/high-quality-tutorials/using-excel-for-macro-malware-deobfuscation/msg121083/#msg121083) should help if you don't know how to start.