https://www.policytopackets.com/tags/macros/ Recent content in Macros on Policy to Packets Hugo -- gohugo.io en reedveggleston@gmail.com (Reed Eggleston) reedveggleston@gmail.com (Reed Eggleston) © 2026 Reed Eggleston Thu, 26 Feb 2026 14:23:00 +0000 https://www.policytopackets.com/writeups/letsdefend/soc/137_76/ Thu, 26 Feb 2026 14:23:00 +0000 reedveggleston@gmail.com (Reed Eggleston) https://www.policytopackets.com/writeups/letsdefend/soc/137_76/ Investigating a malicious DOCM download attempt, validating the file hash via VirusTotal, confirming no execution or C2 communication occurred, and verifying the threat was successfully blocked before impact. https://www.policytopackets.com/writeups/letsdefend/soc/105_16/ Wed, 25 Feb 2026 15:45:00 +0000 reedveggleston@gmail.com (Reed Eggleston) https://www.policytopackets.com/writeups/letsdefend/soc/105_16/ Investigating a threat intelligence alert after an endpoint connected to a known malicious domain, correlating firewall logs to a macro-enabled Excel file execution, validating the malware through VirusTotal, and initiating containment following confirmed C2 communication. https://www.policytopackets.com/writeups/letsdefend/soc/138_77/ Mon, 23 Feb 2026 13:36:00 +0000 reedveggleston@gmail.com (Reed Eggleston) https://www.policytopackets.com/writeups/letsdefend/soc/138_77/ Investigating a suspicious Excel macro alert after a malicious XLSM file executed on an endpoint, validating malware through VirusTotal and Hybrid Analysis, correlating outbound encrypted traffic to a confirmed C2 server, and initiating containment following confirmed compromise. https://www.policytopackets.com/writeups/letsdefend/challenges/excel_4.0_macros/ Sat, 14 Feb 2026 00:39:00 +0000 reedveggleston@gmail.com (Reed Eggleston) https://www.policytopackets.com/writeups/letsdefend/challenges/excel_4.0_macros/ Analyzing a malicious Excel 4.0 (XLM) macro document using XLMMacroDeobfuscator and oletools to identify process execution, regsvr32 abuse, and DLL payload behavior.