Macros FUD at ScanTime but gets caught up at RunTime.

[jose101]

Hello guys, so i have been trying s.pam this past days but my Macros is getting caught up at RunTime by updated WD..... Anyone has a special ofcuscation method to use on Macros to bypass WD at RunTime ? Willing to pay for info to solve this matter.... TG = ggho5t

 

[DoomSlayer2002]

You got caught by AMSI, how do you run your payload - ActiveX/Winapi?

 

[jose101]

You got caught by AMSI, how do you run your payload - ActiveX/Winapi?

ActiveX as usual... if you can find a solution to bypass that popup then we can agree to an amount

 

[DoomSlayer2002]

Pm'd you

 

[marauda18]

Don't forget about behavior analysis too. Besides AMSI, some sandbox won't detect your payload as malicious on online scans, but executing manually on the machine can trigger AV,specially macros.

 

[hackwares]

you are looking for silent exploit ? dm me

 

[culconto]

It can be helpful or give a idea for bypass the security issues.
iso, .lnk etc..