| 2020-08-03 | Xavier Mertens | Powershell Bot with Multiple C2 Protocols |
| 2020-07-15 | Brad Duncan | Word docs with macros for IcedID (Bokbot) |
| 2020-07-10 | Brad Duncan | Excel spreasheet macro kicks off Formbook infection |
| 2020-06-12 | Xavier Mertens | Malicious Excel Delivering Fileless Payload |
| 2020-06-10 | Brad Duncan | Job application-themed malspam pushes ZLoader |
| 2020-06-01 | Didier Stevens | XLMMacroDeobfuscator: An Update |
| 2020-05-20 | Brad Duncan | Microsoft Word document with malicious macro pushes IcedID (Bokbot) |
| 2020-04-05 | Guy Bruneau | Maldoc XLS Invoice with Excel 4 Macros |
| 2020-03-29 | Didier Stevens | Obfuscated Excel 4 Macros |
| 2020-03-18 | Brad Duncan | Trickbot gtag red5 distributed as a DLL file |
| 2020-03-09 | Didier Stevens | Malicious Spreadsheet With Data Connection and Excel 4 Macros |
| 2020-03-06 | Xavier Mertens | A Safe Excel Sheet Not So Safe |
| 2020-02-24 | Didier Stevens | Maldoc: Excel 4 Macros and VBA, Devil and Angel? |
| 2020-02-23 | Didier Stevens | Maldoc: Excel 4 Macros in OOXML Format |
| 2020-02-21 | Xavier Mertens | Quick Analysis of an Encrypted Compound Document Format |
| 2020-01-22 | Brad Duncan | German language malspam pushes Ursnif |
| 2020-01-09 | Xavier Mertens | Quick Analyzis of a(nother) Maldoc |
| 2019-12-11 | Brad Duncan | German language malspam pushes yet another wave of Trickbot |
| 2019-12-04 | Jan Kopriva | Analysis of a strangely poetic malware |
| 2019-10-02 | Brad Duncan | A recent example of Emotet malspam |
| 2019-09-18 | Brad Duncan | Emotet malspam is back |
| 2019-06-18 | Brad Duncan | Malspam with password-protected Word docs pushing Dridex |
| 2019-03-17 | Didier Stevens | Video: Maldoc Analysis: Excel 4.0 Macro |
| 2019-03-16 | Didier Stevens | Maldoc: Excel 4.0 Macros |
| 2019-03-13 | Brad Duncan | Malspam pushes Emotet with Qakbot as the follow-up malware |
| 2019-01-24 | Brad Duncan | Malspam with Word docs uses macro to run Powershell script and steal system data |
| 2018-12-18 | Brad Duncan | Malspam links to password-protected Word docs that push IcedID (Bokbot) |
| 2018-11-15 | Brad Duncan | Emotet infection with IcedID banking Trojan |
| 2018-08-24 | Xavier Mertens | Microsoft Publisher Files Delivering Malware |
| 2018-05-25 | Xavier Mertens | Antivirus Evasion? Easy as 1,2,3 |
| 2018-05-01 | Xavier Mertens | Diving into a Simple Maldoc Generator |
| 2017-12-19 | Xavier Mertens | Example of 'MouseOver' Link in a Powerpoint File |
| 2017-12-16 | Xavier Mertens | Microsoft Office VBA Macro Obfuscation via Metadata |
| 2017-11-15 | Xavier Mertens | If you want something done right, do it yourself! |
| 2017-02-26 | Guy Bruneau | It is Tax Season - Watch out for Suspicious Attachment |
| 2016-09-30 | Xavier Mertens | Another Day, Another Malicious Behaviour |
| 2015-02-19 | Daniel Wesemann | Macros? Really?! |
