How can I find out what a macro does without exposing myself to it?

I have been given two different Microsoft Word document that my virus scanner has warned me contains macros.

These should be simple text files, and the person who sent them doesn't even know what a macro is; they may be a mistake on his part, but they might be signs of a malicious infection.

My installation of OpenOffice.org is set not to load macros at all, Kodi.link as I rarely use them, so I am not concerned about the security of my system.

What I would like to be able to do is find out what those macros do without exposing my system to any malicious intent from those macros, in order to tell the person who sent me the documents whether or not he is spreading an infection.

  • Hello Alvin Howell,

    find out what those macros do
    malicious macros naturally try to hide (by obfuscation or encryption) their intent, they might even protect themselves against more or less simple analysis (e.g. that it's running on a VM, or a machine disconnected from the network). Thus it's normally, for the average user or admin, not feasible to determine the actual intent of such macros.

    If you want to know whether it's actually malicious submit a sample to Sophos. 

    Christian