Information Security News
Have you analyzed malicious Office documents with VBA macros? Did they contain a userform? Like this (MD5 4e0c55054c4f7c32aece5cfbbea02846):
Then take a look at the content of the stream with a name that ends with /o:
You can see that it contains a URL.
Sometimes you will analyze the VBA code of malicious documents, but not find the URL. That" />