decalage2 / detect_CVE-2021-40444.py
Last active August 19, 2022 16:01
Simple script to detect CVE-2021-40444 URLs using oletools
# simple script to detect CVE-2021-40444 exploits in DOCX using oletools
# v0.01 Philippe Lagadec 2021-09-09
# IMPORTANT NOTE: this script detects the few samples identified so far, by looking for "mhtml:" in remote objects URLs.
# But it is not confirmed yet if this detection is generic enough, for example if "mhtml:" is not mandatory.
# Moreover, for now only Office 2007+ files are supported.
# Detection for other file types (RTF, Office 97-2003, ...) will be implemented later.
import sys, zipfile
from oletools import oleobj, ooxml
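
The check described in the header comments, looking for "mhtml:" in the URLs of remote objects in an Office 2007+ file, is shown here as an added example; it is not the gist author's code. It assumes only the Python standard library rather than oletools, and the names `find_external_targets`, `scan` and `build_sample`, along with the sample package, are constructed for illustration.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

# Namespace of the OPC relationship parts (*.rels) inside an OOXML package
REL_NS = "{http://schemas.openxmlformats.org/package/2006/relationships}"

def find_external_targets(data):
    """Yield (part, rel_type, target) for every External relationship."""
    with zipfile.ZipFile(io.BytesIO(data)) as pkg:
        for name in pkg.namelist():
            if not name.lower().endswith(".rels"):
                continue
            try:
                root = ET.fromstring(pkg.read(name))
            except ET.ParseError:
                continue  # damaged part: skip it, keep scanning the rest
            for rel in root.iter(REL_NS + "Relationship"):
                if rel.get("TargetMode", "").lower() == "external":
                    rel_type = rel.get("Type", "").rsplit("/", 1)[-1]
                    yield name, rel_type, rel.get("Target", "")

def scan(data):
    """Return the external relationships whose target contains 'mhtml:'."""
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return []  # not Office 2007+ (OOXML): out of scope, as in the gist
    return [hit for hit in find_external_targets(data)
            if "mhtml:" in hit[2].strip().lower()]

def build_sample(target):
    """Constructed test package: one .rels part, one external oleObject."""
    rels = ('<Relationships xmlns="http://schemas.openxmlformats.org/'
            'package/2006/relationships">'
            '<Relationship Id="rId1" TargetMode="External" Target="%s" '
            'Type="http://schemas.openxmlformats.org/officeDocument/2006/'
            'relationships/oleObject"/></Relationships>' % target)
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("word/_rels/document.xml.rels", rels)
    return buf.getvalue()

if __name__ == "__main__":
    # Constructed targets on a reserved, non-resolving domain
    for label, tgt in [("flagged", "mhtml:https://example.invalid/placeholder"),
                       ("benign", "https://example.invalid/logo.png")]:
        print(label, scan(build_sample(tgt)))
```

As the gist's own note says, matching on "mhtml:" covers the samples identified so far and is not confirmed to be generic, so reviewing every tuple from `find_external_targets` is the broader triage view.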