In a recent spearphish campaign, a malicious Word document was used to infect the email recipient. I was able to find an interesting tool and used it to recreate the Word document. Before we get to that, let’s do a quick analysis on the document… Here we see the Word document with an embedded object: Viewing the file with Notepad, we can see that this is an RTF file and definitely looks suspicious