We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
This XLS has a suspect Marco detected like virus by 9 antivirus. Olevba make an error and said only 1 suspicious information.
# olevba XL_14758_1804.xls olevba 0.54 on Python 2.7.13 - http://decalage.info/python/oletools =============================================================================== FILE: XL_14758_1804.xls Type: OLE ERROR Error when running oledump.plugin_biff, please report to https://github.com/decalage2/oletools/issues Traceback (most recent call last): File "/usr/local/lib/python2.7/dist-packages/oletools/olevba.py", line 3104, in detect_xlm_macros self.xlm_macros = biff_plugin.Analyze() File "/usr/local/lib/python2.7/dist-packages/oletools/thirdparty/oledump/plugin_biff.py", line 1008, in Analyze strings += ' '.join(values[0]) TypeError: sequence item 0: expected string, bytearray found ------------------------------------------------------------------------------- VBA MACRO ЭтаКнига.cls in file: XL_14758_1804.xls - OLE stream: u'_VBA_PROJECT_CUR/VBA/\u042d\u0442\u0430\u041a\u043d\u0438\u0433\u0430' - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Sub Axcelerrate() Raba.FarFarAway 15, 1, True End Sub ------------------------------------------------------------------------------- VBA MACRO Лист3.cls in file: XL_14758_1804.xls - OLE stream: u'_VBA_PROJECT_CUR/VBA/\u041b\u0438\u0441\u04423' - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (empty macro) +----------+--------------------+---------------------------------------------+ |Type |Keyword |Description | +----------+--------------------+---------------------------------------------+ |Suspicious|Hex Strings |Hex-encoded strings were detected, may be | | | |used to obfuscate strings (option --decode to| | | |see all) | +----------+--------------------+---------------------------------------------+
XL_14758_1804.zip
The text was updated successfully, but these errors were encountered:
This has been fixed in the latest version, similar to #428.
Sorry, something went wrong.
decalage2
No branches or pull requests
This XLS has a suspect Marco detected like virus by 9 antivirus.
Olevba make an error and said only 1 suspicious information.
XL_14758_1804.zip
The text was updated successfully, but these errors were encountered: