
mommy Access Broker
mommy Access Broker is enabling access-as-a-service operations through detailed intrusion guides and compromised credentials, and Intel 471 has released reporting and Hunt Packages to support threat hunting and detection.
Maldocs (malicious documents) are documents containing self-executing code or code that requires a user to grant permission or interact with the document before execution. A maldoc can be a PDF with embedded malicious JavaScript, files, etc., or a Microsoft Office document with embedded VBA macros. Maldocs are most commonly delivered to users via phishing emails, but they can also be delivered via drive-by attacks, physical USB keys/drives, or other social engineering attacks. In many cases, such as with Microsoft Office documents, the user must interact with the document before any code executes successfully, although it is possible that no user interaction is required. Once the document is opened and any required user interaction has been performed, malicious code executes, such as PowerShell, cmd shell, or similar scripting code, to establish communication with the attacker's infrastructure, download a payload, or perform local actions such as persistence or sleeping until a later time.
Tactic: Defense Evasion, Execution, Initial Access
Techniques: Command and Scripting Interpreter (T1059), JavaScript/JScript (T1059.007), PowerShell (T1059.001), Python (T1059.006), Rundll32 (T1218.011), Spearphishing Attachment (T1566.001), Spearphishing Link (T1566.002), Unix Shell (T1059.004), Visual Basic (T1059.005)
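A parent-child process hunt for the execution chain described above, as an added example that is not from Intel 471 or its Hunt Packages. The events are constructed and use Sysmon Event ID 1 field names (`ParentImage`, `Image`, `CommandLine`); the parent and child process lists are assumptions to tune per environment.

```python
import ntpath

# Assumed document-handling parents (Office apps and PDF readers).
DOC_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe",
               "acrord32.exe", "acrobat.exe"}

# Assumed child interpreters, mapped to ATT&CK techniques listed on this page.
INTERPRETERS = {
    "powershell.exe": "T1059.001", "pwsh.exe": "T1059.001",
    "cmd.exe": "T1059",            # generic Command and Scripting Interpreter
    "python.exe": "T1059.006",
    "rundll32.exe": "T1218.011",
}
SCRIPT_HOSTS = {"wscript.exe", "cscript.exe"}

def basename(path):
    # ntpath parses Windows paths correctly on any analysis host.
    return ntpath.basename(path).lower()

def classify(event):
    """Return the technique ID if a document app spawned an interpreter, else None."""
    if basename(event["ParentImage"]) not in DOC_PARENTS:
        return None
    child = basename(event["Image"])
    if child in SCRIPT_HOSTS:
        # Windows Script Host runs JScript or VBScript; split on the script extension.
        cmd = event.get("CommandLine", "").lower()
        return "T1059.007" if ".js" in cmd else "T1059.005"
    return INTERPRETERS.get(child)

def hunt(events):
    """Return (child process, technique) for every suspicious process creation."""
    return [(basename(e["Image"]), t) for e in events if (t := classify(e))]

# Constructed sample events, not taken from any real intrusion.
SAMPLE_EVENTS = [
    {"ParentImage": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": "powershell.exe -NoProfile -Command Get-Date"},
    {"ParentImage": r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE",
     "Image": r"C:\Windows\System32\rundll32.exe",
     "CommandLine": r"rundll32.exe C:\Users\Public\sample.dll,Entry"},
    {"ParentImage": r"C:\Windows\explorer.exe",          # user-launched shell: ignored
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": "powershell.exe"},
    {"ParentImage": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "Image": r"C:\Windows\splwow64.exe",                # print helper: ignored
     "CommandLine": "splwow64.exe 8192"},
    {"ParentImage": r"C:\Program Files (x86)\Adobe\Reader\AcroRd32.exe",
     "Image": r"C:\Windows\System32\wscript.exe",
     "CommandLine": r'wscript.exe "C:\Users\Public\invoice.js"'},
]
```

A hunt keyed on the direct parent misses chains in which the document launches its payload indirectly, so treat an empty result as inconclusive rather than clean.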