Since 2014, malicious macros are coming back. And their success in recent campaigns demonstrates that it is still an effective way to deliver malware, sixteen years after Melissa.
This is a presentation that I gave to the SSTIC symposium in June 2015, translated to English. It explains what malicious macros can do, how their code can be obfuscated, and some of the anti-analysis tricks observed in recent cases. Then it shows several tools that can be used to analyze macros, including oledump and olevba.