Microsoft Office VBA Macro Obfuscation via Metadata, (Sat, Dec 16th)

Often, malicious macros make use of the same functions to infect the victim’s computer. If a macro contains these strings, it can be flagged as malicious or, at least, considered as suspicious. Some examples of suspicious functions are:

Article Link: https://isc.sans.edu/diary/rss/23139