Tuesday, April 14, 2015

Malicious Excel Macro on the Loose

A new malicious Microsoft Excel Macro is making it's way around the internet this morning.  Per below, you'll see that the AV Vendors are doing a poor job protecting against this threat... as is all too often the case:



Are we sure that the excel file is malware?  As you'll see below, the Websense File Sandbox validates the malicious intent:



Finally, notice that the malware/downloader calls out via HTTP to a new domain.  Note that this executable, too, is detected by the Websense ACE Technology:






HOWEVER... note that the AV Vendors are not able to detect this threat either  :-(








Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)