Update README.md

patch-1
Mr-Un1k0d3r 2016-09-21 19:26:17 -04:00 committed by GitHub
parent fe256e2dc6
commit 39aec1e9a0
1 changed files with 8 additions and 2 deletions


@ -1,8 +1,7 @@
## MaliciousMacroGenerator
#Malicious Macro Generator Utility
---
Simple utility design to generate obfuscated macro that also include a AV / Sandbox escape trick
---
#Requirement
```
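Review bot: The headings `#Malicious Macro Generator Utility` and `#Requirement` in this hunk have no space after the `#`, so renderers that follow CommonMark show them as literal text rather than headings; write `# Malicious Macro Generator Utility` and `# Requirement`. The description line also needs a grammar pass: "design" should be "designed", and "obfuscated macro that also include a AV" should read "obfuscated macros that also include an AV".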
@ -22,3 +21,10 @@ Usage: GenMacro.py [template] [domain] [offset] [payload] [output]
python GenMacro.py "base.vba" "RingZer0" 3 "cmd.exe /c ping ringzer0team.com" malicious.vba
```
#Evasion technique
```
The macro is fetching the USERDOMAIN environment variable and compare the value with a predefined one. If they match the final payload is executed.
The python script will also generate obfuscated code to avoid heuristic detection
```
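Review bot: The two sentences under `#Evasion technique` are prose wrapped in a code fence, so they render as unwrapped monospace text; drop the fence and make them a normal paragraph. The heading needs a space after the `#`, the first sentence should read "fetches the USERDOMAIN environment variable and compares", and the second sentence is missing its final period. If the "predefined" value is the `[domain]` argument shown in the Usage line, say so here, since the section currently leaves the reader to infer it.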