[CentOS] Detecting empty office doc containing virus macro

Wed Oct 28 15:01:58 UTC 2015
Eero Volotinen <eero.volotinen at iki.fi>

and https://github.com/xme/cuckoomx

--
Eero

2015-10-28 16:59 GMT+02:00 Eero Volotinen <eero.volotinen at iki.fi>:

> Hi,
>
> Take look of http://www.cuckoosandbox.org
>
> --
> Eero
>
> 2015-10-28 13:55 GMT+02:00 Gary Stainburn <gary at ringways.co.uk>:
>
>> We are receiving LOTS of emails that contain empty XLS or DOC documents
>> with
>> embedded virus macros.  These are getting past SPAMASSASSIN, Clamav and
>> Kaspersky.
>>
>> I'm trying to write a filter for EXIM to block these emails but I need to
>> know
>> a good, quick, command-line to detect an empty doc with a macro.
>>
>> Is there anything available that I can use??
>>
>> I have managed to write a PERL script to detect empty xls xlsx, doc and
>> docx
>> files but I cannot detect whether they have any macros embedded
>>
>> Gary
>> _______________________________________________
>> CentOS mailing list
>> CentOS at centos.org
>> https://lists.centos.org/mailman/listinfo/centos
>>
>
>