Obfuscation Techniques Based on Random Strings Used in Malicious VBA Scripts

Obfuscation Techniques Based on Random Strings Used in Malicious VBA Scripts

연구 분야: Analysis

학회: 2022 24th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing (SYNASC)

The script-based attacks are still in trend when it comes to malicious files. The main attack vectors are represented by the documents sent to victims as email attachments. Besides the tricks used by the attackers to persuade the victim to download and open the received documents, also, the attackers try their best to avoid the detection of security products. The obfuscation of the code is the main technique used in script-based attacks to evade detection.This paper presents a study on VBA-malware obfuscation techniques based on the usage of generated random strings. This technique is an obvious mark of obfuscated and, further, malicious code. Hence, the main concern in malicious code analysis is to identify as many randomly generated identifiers as possible.