Just days ago, Fortinet’s FortiGuard Labs captured a malicious MS Word document from the wild that contains auto-executable malicious VBA code that can spread and install NanoCore RAT software on a victim’s Windows system. NanoCore RAT was developed in the .Net framework, and the latest version is “”. Its author, “Taylor Huddleston”, was captured by the FBI and sent to prison early last year . The sample we captured uses NanoCore to execute malicious behavior on a victim’s system.