Word File Disguised as a Design Modification Request for Information Theft Posted By jcleebobgatenet , December 9, 2021 The ASEC analysis team has discovered the distribution of malicious Word file targeting Korean users. The filename is Design Modification Request.doc, and it includes an image that prompts the user to run the macro. As shown below, the Word file includes a malicious macro that downloads additional files from hxxp://filedownloaders.com/doc09. When the user clicks Enable Content, the macro is automatically run, and it downloads additional malicious files. It then runs the downloaded temp.doc document file. The Word file contains texts…
Attacker Distributing Malicious Word Document Written as Compensation Claim Form Posted By jcleebobgatenet , June 29, 2021 A malicious word document file written as ‘compensation claim form’ is being distributed again. This is speculated to be a targeted APT attack. The exact malware that used the identical document format was also discovered back in March, and the ASEC team published a post that analyzes the malware in the ASEC blog. The currently discovered word document was made recently and it contains the same content as the previous attack, but it operates differently. In this post, the team…
