oledump's Indicators (video)

SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

oledump's Indicators (video)
My tool oledump uses indicators, you're probably most familiar with indicators M and m that indicate that a stream contains macros. Here is an overview of all possible indicators: M: Macro (attributes and code) m: macro (attributes without code) E: Error (code that throws an error when decompressed) !: Unusual macro (code without attributes) O: object (embedded file) .: storage R: root entry If you want to know more, I recorded this video: Didier Stevens Senior handler Microsoft MVP blog.DidierStevens.com DidierStevensLabs.com	DidierStevens 533 Posts ISC Handler Dec 6th 2020
Thread locked Subscribe	Dec 6th 2020 2 months ago