
312-49v10 Exam - Question 400


Matthew has been assigned the task of analyzing a suspicious MS Office document via static analysis on an Ubuntu-based forensic machine. He wants to see what type of document it is, whether it is encrypted, and whether it contains any Flash objects or VBA macros. Which of the following Python-based scripts should he run to get the relevant information?

Correct Answer: A

To analyze a suspicious MS Office document via static analysis, you should use the script oleid.py. This script is part of the oletools suite and is designed to provide information about the type of the document, check if it is encrypted, and detect the presence of any OLE objects, VBA macros, or other potentially malicious content within the document.

Discussion

3 comments
Elb (Option: A)
Apr 20, 2024

A < https://github.com/decalage2/oletools/wiki/oleid

Elb (Option: A)
May 24, 2024

As the first step, you should analyze the suspect MS Office document with a python-based tool named oleid to review all components that can be labeled as suspicious/malicious. It is a tool that is used to examine OLE files.

Dumas (Option: A)
Jun 30, 2024

A. Object Linking and embedding