Purgalicious VBA: Macro Obfuscation With VBA Purging

VBA stomping takes advantage of how module streams are interpreted and exchanges malicious CompressedSourceCode with non-malicious VBA source code, leaving the PerformanceCache untouched. However, the success of this technique is Office-version dependent, implying that an attacker would have to… READ MORE

Leave a Comment

Your email address will not be published. Required fields are marked *