Last Updated: 2019-02-03 23:46:06 UTC
by Didier Stevens (Version: 1)
Reader Carlos submitted an email with an attachment. It's a phishing email, the attachment is an HTML file, although the criminals try to make the recipient believe that it is a PDF file.
In this video, I show how you can use my tool oledump.py to extract the attachment from the email (.msg file) for further analysis, without requiring Outlook (or Windows). I give a couple of simple tips to find the phishing URL(s) quickly.