Published: 2024-07-29 Last Updated: 2024-07-29 00:03:44 UTC by Didier Stevens (Version: 1) I found a malicious Word document with VBA code using the CrowdStrike outage for social engineering purposes. It's an .ASD file (AutoRecover file). My tool oledump.py can analyze it: Before I dive into the VBA code, I want to highlight the metadata of this document: oledump.py's -M option displays the metada
![SANS - Internet Storm Center - Cooperative Cyber Threat Monitor And Alert System](https://cdn-ak-scissors.b.st-hatena.com/image/square/ebfdc9054c32b406f061fe47ffd9281d8923007c/height=288;version=1;width=512/https%3A%2F%2Fisc.sans.edu%2Fimages%2Flogos%2Fisc%2Flarge.png)