Philippe Lagadec
Senior cybersecurity and R&D engineer at Quarkslab since 2023. Previously cybersecurity engineer at ESA, NATO and DGA.
Author of open-source projects oletools, ViperMonkey, olefile, balbuzard and exefilter.
Sessions
oletools is an open-source project, in development since 2012, for analysing MS Office documents and any other file in the OLE/CFB (Compound File Binary) format, especially for malware analysis. oletools is used by many blue teamers, and it has also been integrated into a large number of malware analysis tools, platforms and online services.
In this talk I will demonstrate how to use oletools to analyse recent malware samples. I will also present new features developed this year to analyse MSI and MSIX installers, and the specific file format identification algorithm in the ftguess tool.