Malicious Attachment Analysis Script


Screenshot of a comment created for an email with a malicious attachment.

I love collecting malicious emails, samples and trying to make sense of it, create context and share back with the community. One way I do so is by sharing malicious email attachments to MalwareBazaar and VirusTotal and including context such as email sender, subjects and date information. Since doing that, I have heard a few stories from other information security professionals, that were grateful for the information shared, as it helped them either retroactively search their own data or finding a malicious email when a malicious or suspicious binary is detected on an endpoint.

Read more…