[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle
Security Affairs
MARCH 2, 2019
This technology is stored in the Workbook OLE stream in Excel 97-2003 format which makes it very difficult to detect and parse by antivirus (AV) engines. This is part of a giant list of Living off the Land (LOL) techniques that attackers employ to mask their activities from runtime endpoint security monitoring tools such as AVs.
Let's personalize your content