SOME TECHNIQUES FOR OBFUSCATING AND CONCEALING MALICIOUS MACROS

Võ Văn Hoàng, Nguyễn Nam Hải, Nguyễn Ngọc Hoá
2018 KỶ YẾU HỘI NGHỊ KHOA HỌC CÔNG NGHỆ QUỐC GIA LẦN THỨ XI NGHIÊN CỨU CƠ BẢN VÀ ỨNG DỤNG CÔNG NGHỆ THÔNG TIN   unpublished
Nowadays, network attacks are significantly complex and varied in form and type. In particular, one of the targets that hackers exploit is the exchange of data through email systems. In e-government, documents are transferred through the e-mail system, which is one of the vulnerabilities where hackers can embed malicious macros, leading to cyberattacks. Normally, to bypass antivirus software, many obfuscation techniques are used. Their main idea is to change the malicious code so that it avoids detection by the antivirus program. In this paper, we propose two new techniques to obfuscate malicious macros embedded in MS Office documents. The first is based on marshalling the variables to shell-code, and the second obfuscates the names of Windows API functions. We also propose a combined approach that obfuscates malicious macros by combining different techniques. Our experiment, performed on VirusTotal, validates the proposed techniques and thereby helps users and network administrators to provide and improve network security solutions that prevent these types of attacks.
doi:10.15625/vap.2018.00046 fatcat:e5pqtic7gvhr7dhdecmoniadru