The MuddyWater threat group has been updating its tactics, techniques, and procedures (TTPs) to include a number of new anti-detection techniques. The group used an obfuscated Visual Basic for Applications (VBA) macro script that lets its malware gain persistence on compromised Windows machines after infection by adding a Run registry key. Targets received the malware via phishing emails that ask the victims to enable the trojanized macros. The macros are password-protected, which blocks attempts to view their source code.
Source: https://www.bleepingcomputer.com/news/security/muddywater-hacking-group-upgrades-arsenal-to-avoid-detection/

