I was asked if the DDE YARA rules I created work with oledump.py on the sample that Xavier wrote about in his diary entry “Dynamic Data Exchange (DDE) is Back in the Wild?”.
Article Link: https://isc.sans.edu/diary/rss/27122
I was asked if the DDE YARA rules I created work with oledump.py on the sample that Xavier wrote about in his diary entry “Dynamic Data Exchange (DDE) is Back in the Wild?”.
Article Link: https://isc.sans.edu/diary/rss/27122