Masquerading malicious files into legitimate files is crucial for a successful phishing attack. When the malicious payload is hidden into legitimate documents, the victims are more likely to open the file, giving us access to their computer. In this course, Execution with macro_pack, you will see one of the most useful tools for malicious file masquerading, the macro_pack. First, you will learn the basics about malicious file masquerading and an overview of the macro_pack tool. Next, you will explore how to hide a Metasploit Meterpreter payload into a Microsoft Word file. Finally, you will learn how to create a file dropper with the macro_pack, which can be used to distribute malware hosted in remote servers via unsuspicious Microsoft Excel spreadsheets. When you are finished with this course, you will have the skills and knowledge of the macro_pack tool to masquerade malicious payloads into Microsoft Office files and covers three important tactics from the MITRE ATT&CK framework: User Execution – Malicious File (T1204.002), Command and Scripting Interpreter – Visual Basic (T1059.005) and Phishing – Spearphishing Attachment (T1566.001).
Author Name: Ricardo Reimao
Author Description:
Ricardo is a Cybersecurity Consultant based in Toronto (Canada). He has 14+ years of IT experience, 10 of them in the IT Security field. His main interests are: SIEM solutions (IBM QRadar), Enterprise Security Risk, Penetration Testing, Security processes/procedures and Network Security.