2020-07-31 Deobfuscating IcedID Macro Script
Summary ========= This is just a quick writeup of how I managed to get the macro script decoded out of what appears to be an IcedID malspam campaign based on what I am seeing from URLHaus and this tweet from @p5yb34m. The link to the artifacts for this can be…