OFFICE

OFFICE DOCUMENTS

Word & Excel Delivery Loaders

Home > Office Documents

Technical Overview

Microsoft Office documents remain the primary loader for initial access in red team engagements. We provide comprehensive support for both legacy (OLE) and modern (OpenXML) formats.

Supported Formats

Legacy: .DOC, .XLS (OLE Structured Storage)
Modern: .DOCX, .XLSX (OpenXML with Template Injection)
Macro-Enabled: .DOCM, .XLSM (VBA Stomping & Obfuscation)

Key Mechanisms

VBA Stomping: Modifying the P-code to bypass static analysis while retaining execution.
Template Injection: Loading remote payloads via trusted relationship targets in .DOCX/.XLSX.
DDE (Dynamic Data Exchange): Execution via legacy command protocols without macros.

Red Team Advantages

Universal Trust Office documents are standard business communication tools, rarely blocked by edge filters.
Versatile Execution From native Macros to zero-code template injections.