Emprisa Maldoc is a blue team lab in the Malware Analysis category. It covers the following subjects: Microsoft Office IDE, rtfdump.py, scdbg or Speakeasy, Debugger, Initial Access, Execution, Defense Evasion, Command and Control.
Learning Objectives
Reconstruct fragmented shellcode from a malicious RTF document and emulate its execution using `rtfdump.py` and `scdbg` to identify CVE-2017-11882 payload delivery.