Cyber Security with Amit Malik – Episode 2 – Macro Code De-obfuscation using Vbscript Debugger



Audience Level: Internet user, Mid level Analyst

Prerequisite: Programming Language



Infection Method:

Malicious documents are mostly delivered through email campaigns. The attacker send the tailored email to the victim with the malicious email attachment or a malicious web link. Once the victim open the malicious document it will download the malware from the internet and execute it on the victim machine.

Case Study:

  1. Hades Ransomeware:
  2. Password Protected Doc: (Its a bit lengthy, I will discuss only the analysis of dropped VBS file.)


We will use the code from previous episode to extract the macro from the documents.



Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.