In this video, Senior Incident Response & Research Consultant Scott Nusbaum demonstrates a method to extract and deobfuscate code from a malicious document. Upon rendering the code readable, Nusbaum works to gain an understanding of the goals the malware was attempting to accomplish and the processes by which it undertook that effort.

This video is the first part of a series showcasing the approaches and techniques employed by malware analysts today. Future videos will cover PowerShell deobfuscation, analysis of AutoIt malware, and more, with viewer-suggested topics welcome.