vdun opened this issue 5 years ago · 1 comments
https://github.com/bontchev/pcodedmp https://github.com/Big5-sec/pcode2code
When olevba detects potential VBA stomping, vmonkey could use pcode2code to convert the P-code to VBA and then parse it.