I'm trying to run a home-rolled Macro for MS Word 2013 to automate including files of various types (.doc, pdf) into a document that I compose on a regular basis. Since installing Malwarebytes Endpoint Protection, the macro (and Word) keeps crashing when I try to run it. Stepping through the macro, I've discovered that it does so when trying to execute an Application.Run method. The Malwarebytes console indicates a Detection event with the following:
Detection Data
Detection Name:
Malware.Exploit.Agent.Generic
Action Taken:
Blocked
Category:
Exploit
Scanned At:
09/25/2019 - 10:51:04 AM
Reported At:
09/25/2019 - 10:51:58 AM
Type:
Exploit
Endpoint:
(edited)
Location:
C:\Windows\SysWOW64\mshta.exe C:\Windows\SysWOW64\mshta.exe C:\temp\radBD6DB.tmp.hta {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}
Group Name:
Default Group
Affected Applications:
Microsoft Office Word
I've tried creating a Malwarebytes console exclusion using the hash data included in the Location information but no effect and (obviously) I don't want to create an exception for all Word macros. I've attached the script (with crash point noted as a comment) and temp file referenced. Any suggestions or additional information that might help resolve this? Given the number and position of files that are used in compiling the document it would be a pain to have to return to the manual method of doing so. Thanks.
NewMacros.bas.txt
radBD6DB.tmp.hta.txt