Executable
Phishing
Double Click
Contributors:
Xavier Mertens - @xme
Description:
XLL or Excel Add-In are DLLs (PE files) that are loaded into Excel to add powerful features. Once loaded the DLL code will be executed and may content malicious actions.
OS:
Windows
Recommendation:
Break the link between the file extension and Excel in the registry (ex: open the file with Notepad instead)
Resources:
File Samples: