[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle
Security Affairs
MARCH 2, 2019
This technology is stored in the Workbook OLE stream in Excel 97-2003 format which makes it very difficult to detect and parse by antivirus (AV) engines. An important point to note in “Root Entry” is the version of the document “ Microsoft Excel 97-2003 “. Figure 5: Microsoft Excel 97-2003 version identified. dll library).
Let's personalize your content