A few weeks ago I posted a diary on the ISC SANS website about a script to automate the extraction and analysis of MIME attachments in emails. I am the happy owner of an old domain (15y), and this domain is present in all spammers’ mailing lists. I’m receiving a lot of spam and I like it. It helps me to collect interesting files and URLs. But analyzing them manually is a real pain. That’s why I wrote a Python script called mime2vt.py which automates the tasks for me.
I presented it at Botconf in Paris today in a lightning talk. It was a good opportunity to publish a new release which fixes a few bugs and now analyzes OLE documents for malicious VBA macros via the olevba.py API. The slides are available on slideshare.net.