Skip to content

<<< Hide Navigation Hide TOC >>>

Trust Access Disable For VBApplications (1a5c46e9-f32f-42f7-b2bc-6e9084db7fbf)

Detects registry changes to Microsoft Office "AccessVBOM" to a value of "1" which disables trust access for VBA on the victim machine and lets attackers execute malicious macros without any Microsoft Office warnings.

Galaxy ColorsAttack Pat...Sigma-Rule...
Rows: 1
Loading extensions...
Collapse filters
Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators:
<, <=, >, >=, =, *, !, {, }, ||,&&, [empty], [nonempty], rgx:
Learn more

TableFilter v0.7.2

https://www.tablefilter.com/
©2015-2025 Max Guglielmi
?
Cluster A Galaxy A Cluster B Galaxy B Level
Modify Registry - T1112 (57340c81-c025-4189-8fa0-fc7ede51bae4) Attack Pattern Trust Access Disable For VBApplications (1a5c46e9-f32f-42f7-b2bc-6e9084db7fbf) Sigma-Rules 1