Then it also extracts all the images in the OneNote Document as shown below: Next, it extracts the Pagewise Metadata from the OneNote Document as shown below. OneNote Attachments extracted in the OneNoteAttachments Folder: Here the Actual Attachment path i.e the path from where the attachment was uploaded can be seen in the console along with the extracted filename and size of the attachment. Upon execution OneNoteAnalyzer extracts the Attachments from the OneNoteDocument in the “OneNoteAttachments” folder. In order to execute OneNoteAnalyzer against malicious OneNote Documents we provide the path of the OneNote Document as shown below. and Converts OneNote Documents to Image Demonstration.Hyperlinks from OneNote Document along with the overlay text.Images from OneNote Document along with the HyperLink URLs if any.Page MetaData from OneNote Document – Title, Author, CreationTime, LastModifiedTime.Attachments from OneNote Document along with the Actual Attachment Path, Filename, and size.FeaturesĪfter providing the file path of the Malicious OneNote document. Now let’s take a look at the features that the tool offers. This gave us the idea to develop “OneNoteAnalyzer” which would help in analysing such malicious OneNote documents without executing them. Recently we came across a few malicious OneNote Documents being distributed in the wild by various threat actors. A C# based tool for analyzing malicious OneNote documents Description
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |