.ppa

Executable
Phishing
Doubleclick

Contributors:

Adithya - @ravooriadithya

Description:

A PPA file is an add-in file used by Microsoft PowerPoint, a program that allows users to create presentations. It contains custom commands and macros written in VBA (Visual Basic for Applications) and is used to extend the capabilities of Microsoft PowerPoint. The .ppa file type, along with .ppam, has traditionally been used by various cybercrime groups to conduct their campaigns and operations.

OS:

Windows
Mac

Recommendation:

Block .ppa on email and web proxies.

Resources:

https://unit42.paloaltonetworks.com/operation-comando-or-how-to-run-a-cheap-and-effective-credit-card-business/

File Samples:

https://www.virustotal.com/gui/file/ee9d3c90df5c01dc6e2079d1219be752542a452988c4a25f34b8ee22be799332/details