
Blind DOCtor
Introducing the Blind DOCtor
Microsoft Office files are often trojanised to deliver malicious payloads in various campaigns. The more you study these campaigns, the more you see the same templates popping up.
The Blind DOCtor extracts these visual templates and uses them to correlate the families. In the mean time, it extracts further artefacts from the files using static analysis.
Read more about the concept or the core publication
Analyse a file
Scan a Microsoft Office file for possible malicious indicators and correlate it with malware families.
Allowed extensions: doc, docx, xls, xlsm, xlsx, docm, xlsb (RTF support to come...) Maximum filesize: 3MB
Policy: By uploading you agree to the processing of your file and using it for extracting templates for other malicious MS Office documents and sharing it with others.
Analysed files: 1309