This is a tool for generating obfuscated VBA code. You can put the code to the excel Macro code , after the victim run the excel file and push the Enable content button.THis tool can use in office suite,not just excel.
The Macro Code will be different everytime
This tool is built by Pyinstaller, and some antivirus will detect it as a virus, just ignore it. It's clean.
If you find any problems when you using this tool, you can let me know at Issues.
step 1:
start a CobaltStrike listen
step 2:
Using the Attacks -- Web Drive-by -- Scritped Web Delivery(S); make a web script using powershell
step 3:
copy the powershell script address, u don't need to copy the hold powershell script,just only the link on Event logs
step 4:
download the 3vilMacro.exe file from this project release, and use the powershell script address as argument, run it ,after 3 seconds, it will create a txt file
step 5:
make a Excel file and click the dev tools -- Visual Basic, and then click the ThisWorkBook