Lucene search
K

4 matches found

FireEye
FireEye
added 2020/11/19 12:0 a.m.382 views

Purgalicious VBA: Macro Obfuscation With VBA Purging

Malicious Office documents remain a favorite technique for every type of threat actor, from red teamers to FIN groups to APTs. In this blog post, we will discuss "VBA Purging", a technique we have increasingly observed in the wild and that was first publicly documented by Didier Stevens in Februa...

7.1AI score
Exploits0References16
ThreatPost
ThreatPost
added 2020/02/06 5:54 p.m.39 views

U.S. Finance Sector Hit with Targeted Backdoor Campaign

The financial services sector in the U.S. found itself under a barrage of cyberattacks last month, all bent on delivering a powerful backdoor called Minebridge. The attack chain employed a known method called “VBA Stomping” to avoid detection. According to researchers at FireEye, the campaigns,...

7.9AI score
Exploits0References4
Schneier on Security
Schneier on Security
added 2019/05/08 11:3 a.m.61 views

Malicious MS Office Macro Creator

Evil Clippy is a tool for creating malicious Microsoft Office macros: At BlackHat Asia we released Evil Clippy, a tool which assists red teamers and security testers in creating malicious MS Office documents. Amongst others, Evil Clippy can hide VBA macros, stomp VBA code via p-code and confuse...

2.4AI score
Exploits0
Kitploit
Kitploit
added 2019/04/28 12:58 p.m.213 views

Evil Clippy - A Cross-Platform Assistant For Creating Malicious MS Office Documents

A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code via P-Code and confuse macro analysis tools. Runs on Linux, OSX and Windows. Current features Hide VBA macros from the GUI editor VBA stomping P-code abuse Fool analyst tools Serve VBA stomp...

7.5AI score
Exploits0References4
Rows per page
Query Builder