A malicious Microsoft Excel 4.0 Macro sheet with a suspicious formula that is set as “Very Hidden” was submitted by a customer and further analyzed by Trend Micro researchers. The sheet is not readily accessible via the Microsoft Excel User Interface (UI) due to a feature documented in the Microsoft website that allows users to hide sheets. The compromised files were commonly used as an attachment in spam.
Upon opening the file, it displays a message asking users to click the Enable editing button, then the Enable content button. Users who click these unwittingly enable the macro.
Source: Trend Micro