Malware delivery trends change every day. For the last few years, we have observed various hacker groups like ( APT12 to Turla ) uses various techniques to deliver malware on the system or network.
One of the best technique hackers groups used is to write malicious code and obfuscate it and embed with Office documents and deliver to the victim through Social engineering ( Spearphishing Attachment ).
Lack of user awareness results with (Compromising the system to lateral movement in the network). Let’s check out the tool Macro pack to do some automation in embedding malicious code into Office Documents.
You can Download the Macro Pack from GitHub.
-f = input-file=INPUT_FILE_PATH A VBA macro file or file containing params
-o = obfuscate Same as ‘–obfuscate-form –obfuscate-names –obfuscate-strings
-G = generate=OUTPUT_FILE_PATH.
File-less malware’s are challenging and evolving faster. Windows utility ( Powershell) is abused in later stages to run an executable on the system local storage or run the code into memory itself.
Implement best endpoint solutions, Email Security products to block unsolicited emails or files. Spread awareness to employees with internal phishing exercises.
Happy Hacking!
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates
A zero-day vulnerability affecting on-premise instances of Fortra's GoAnywhere MFT-managed file transfer solution was actively…
CERT-FR, the French Computer Emergency Response Team (CERT-FR), as well as administrators and hosting providers,…
Android penetration testing tools are more often used by security industries to test the vulnerabilities…
F5 reports a high-severity format string vulnerability in BIG-IP that might allow an authenticated attacker…
Cloud Computing Penetration Testing is a method of actively checking and examining the Cloud system…
Threat Intelligence Tools are more often used by security industries to test the vulnerabilities in…