Zarat https://blog.hatena.ne.jp/Zarat/ 4ensiX https://zarat.hatenablog.com/ LetsDefend Malware LetsDefend Challenge Malware Analysis: Malicious VBA The document initiates the download of a payload after the execution, can you tell what website is hosting it? What is the filename of the payload (include the extension)? What method is it using to establish an HTTP connection between files on th… 190 <iframe src="https://hatenablog-parts.com/embed?url=https%3A%2F%2Fzarat.hatenablog.com%2Fentry%2F2023%2F02%2F18%2F100000" title="LetsDefend Challenge Malware Analysis: Malicious VBA - 4ensiX" class="embed-card embed-blogcard" scrolling="no" frameborder="0" style="display: block; width: 100%; height: 190px; max-width: 500px; margin: 10px 0px;"></iframe> https://cdn-ak.f.st-hatena.com/images/fotolife/Z/Zarat/20230217/20230217181357.png Hatena Blog https://hatena.blog 2023-02-18 10:00:00 rich https://zarat.hatenablog.com/entry/2023/02/18/100000 1.0 100%