Filed under: Announcement — Didier Stevens @ 0:00
Over the last months, I’ve been quite busy working with my colleagues on the report “Epic Manchego – atypical maldoc delivery brings flurry of infostealers”: we’ve tracked an actor creating a new type of malicious Office document.
To help with the automatic analysis of all the maldocs produced by this actor (several per day), I added new features to existing tools and created new tools.
I’m releasing this work in the coming months (some has already been published: oledump.py and zipdump.py).