Internet Storm Center reported about a new zero-day Word vulnerability being used. We have received a sample, and it indeed is a Word DOC document that attempts to exploit a vulnerability in Word, in order to drop and execute a binary file that downloads a backdoor.
Both the shellcode used in the exploit as well as the binary part in the document are encoded in order to hide them.
