Obfuscated

Obfuscated is a blue team lab in the Malware Analysis category. It covers the following subjects: CyberChef, VS Code, olevba, Oledump, CmdWatcher, sha256sum, dd, Initial Access, Execution, Defense Evasion.

Learning Objectives

Deobfuscate multi-stage VBA and JavaScript malware from a Word document, extracting IOCs and reconstructing execution flow with Oledump, CyberChef, and WSH.

Categories: Malware Analysis.

MITRE ATT&CK Tactics: Initial Access, Execution, Defense Evasion.

Tools: CmdWatcher, Oledump, sha256sum, olevba, dd, VS Code, CyberChef.

Difficulty: medium.