I published the following diary on isc.sans.edu: “Malicious Excel Delivering Fileless Payload“:
Macros in Office documents are so common today that my honeypots and hunting scripts catch a lot of them daily. I try to keep an eye on them because sometimes you can spot an interesting one (read: “using a less common technique”). Yesterday, I found such a sample that deserve a quick diary… [Read more]
[The post [SANS ISC] Malicious Excel Delivering Fileless Payload has been first published on /dev/random]
Article Link: https://blog.rootshell.be/2020/06/12/sans-isc-malicious-excel-delivering-fileless-payload/