There are some nice tutorials about malicious Office documents around the web, but as far as I’ve seen so far I dealt an unusual *method to hide the shellcode. Great tools like OfficeMalScanner and others are unable to handle this particular scenario, so here is the story of my adventure inside this RTF file. The […]

http://zairon.wordpress.com/2014/03/06/obfuscated-shellcode-inside-a-malicious-rtf-document/