Malicious PowerPoint Add-On: "Small Is Beautiful", (Fri, Apr 23rd)

Yesterday I spotted a DHL-branded phishing campaign that used a PowerPoint file to compromise the victim. The malicious attachment is a PowerPoint add-in. This technique is not new, I already analyzed such a sample in a previous diary[1]. The filename is “dhl-shipment-notification-6207428452.ppt” (SHA256:934df0be5a13def81901b075f07f3d1f141056a406204d53f2f72ae53f583341) and has a VT score of 18/60[2].

Article Link: