{"id":5134,"date":"2020-04-28T13:57:53","date_gmt":"2020-04-28T20:57:53","guid":{"rendered":"https:\/\/blogs.infoblox.com\/?p=5134"},"modified":"2024-04-26T13:21:26","modified_gmt":"2024-04-26T20:21:26","slug":"zloader-campaign-uses-excel-4-0-macros","status":"publish","type":"post","link":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/zloader-campaign-uses-excel-4-0-macros\/","title":{"rendered":"Zloader Campaign Uses Excel 4.0 Macros"},"content":{"rendered":"<p><em>By Jon Armer, Product Security Engineer R&amp;D<\/em><\/p>\n<p>In mid-April, we observed a malicious spam (malspam) campaign using Microsoft Excel documents to deliver Zloader malware via Excel 4.0 macros, also known as XLM macros. Excel 4.0 macros are the precursor to VBA macros and contain similar functionality. Threat actors use Excel 4.0 macros due to their:<\/p>\n<ul>\n<li>low rate of antivirus software detection,<\/li>\n<li>ability to obfuscate commands through dynamic code, and<\/li>\n<li>capability to call API functions to download files and run CMD commands.<\/li>\n<\/ul>\n<p>Unlike later VBA macros, Excel stores XLM macros within cells in its worksheets. Victims are unable to review the macros because the threat actors have the worksheet set to &#8220;very hidden,&#8221; a built-in feature of Microsoft Office that prevents recipients from viewing the worksheet from within Excel.<\/p>\n<p>The emails that we observed in this campaign used purchasing\/financial themes with the following subject lines:<\/p>\n<ul>\n<li>Case &lt;six digits&gt;: invoice &lt;six digits&gt; is blocked<\/li>\n<li>Compensation for invoice &lt;six digits&gt; is not received<\/li>\n<li>Replicated_sent_invoice_#&lt;six digits&gt;<\/li>\n<\/ul>\n<p>Infoblox\u2019s full report on this instance of the malware will be available soon on our <a href=\"https:\/\/insights.infoblox.com\/threat-intelligence-reports\">Threat Intelligence Reports<\/a> page.<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>By Jon Armer, Product Security Engineer R&amp;D In mid-April, we observed a malicious spam (malspam) campaign using Microsoft Excel documents to deliver Zloader malware via Excel 4.0 macros, also known as XLM macros. Excel 4.0 macros are the precursor to VBA macros and contain similar functionality. Threat actors use Excel 4.0 macros due to their: [&hellip;]<\/p>\n","protected":false},"author":397,"featured_media":4882,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[254],"tags":[15,40,264],"class_list":{"0":"post-5134","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-threat-intelligence","8":"tag-security","9":"tag-threat-intelligence","10":"tag-zloader","11":"entry"},"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.3 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Zloader Campaign Uses Excel 4.0 Macros<\/title>\n<meta name=\"description\" content=\"In mid-April, we observed a malicious spam (malspam) campaign using Microsoft Excel documents to deliver Zloader malware via Excel 4.0 macros, also known as XLM macros. Excel 4.0 macros are the precursor to VBA macros and contain similar functionality. Threat actors use Excel 4.0 macros due to their:\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/zloader-campaign-uses-excel-4-0-macros\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Zloader Campaign Uses Excel 4.0 Macros\" \/>\n<meta property=\"og:description\" content=\"In mid-April, we observed a malicious spam (malspam) campaign using Microsoft Excel documents to deliver Zloader malware via Excel 4.0 macros, also known as XLM macros. Excel 4.0 macros are the precursor to VBA macros and contain similar functionality. Threat actors use Excel 4.0 macros due to their:\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/zloader-campaign-uses-excel-4-0-macros\/\" \/>\n<meta property=\"og:site_name\" content=\"Infoblox Blog\" \/>\n<meta property=\"article:published_time\" content=\"2020-04-28T20:57:53+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-04-26T20:21:26+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-higher-ed-optimize-automate-cybersecurity.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"383\" \/>\n\t<meta property=\"og:image:height\" content=\"254\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Infoblox Threat Intel\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Infoblox Threat Intel\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/zloader-campaign-uses-excel-4-0-macros\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/zloader-campaign-uses-excel-4-0-macros\\\/\"},\"author\":{\"name\":\"Infoblox Threat Intel\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/b6aed8965e3298a0817c16d32c0a67ae\"},\"headline\":\"Zloader Campaign Uses Excel 4.0 Macros\",\"datePublished\":\"2020-04-28T20:57:53+00:00\",\"dateModified\":\"2024-04-26T20:21:26+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/zloader-campaign-uses-excel-4-0-macros\\\/\"},\"wordCount\":200,\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/zloader-campaign-uses-excel-4-0-macros\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-higher-ed-optimize-automate-cybersecurity.jpg\",\"keywords\":[\"Security\",\"Threat Intelligence\",\"Zloader\"],\"articleSection\":[\"Infoblox Threat Intel\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/zloader-campaign-uses-excel-4-0-macros\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/zloader-campaign-uses-excel-4-0-macros\\\/\",\"name\":\"Zloader Campaign Uses Excel 4.0 Macros\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/zloader-campaign-uses-excel-4-0-macros\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/zloader-campaign-uses-excel-4-0-macros\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-higher-ed-optimize-automate-cybersecurity.jpg\",\"datePublished\":\"2020-04-28T20:57:53+00:00\",\"dateModified\":\"2024-04-26T20:21:26+00:00\",\"description\":\"In mid-April, we observed a malicious spam (malspam) campaign using Microsoft Excel documents to deliver Zloader malware via Excel 4.0 macros, also known as XLM macros. Excel 4.0 macros are the precursor to VBA macros and contain similar functionality. Threat actors use Excel 4.0 macros due to their:\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/zloader-campaign-uses-excel-4-0-macros\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/zloader-campaign-uses-excel-4-0-macros\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/zloader-campaign-uses-excel-4-0-macros\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-higher-ed-optimize-automate-cybersecurity.jpg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-higher-ed-optimize-automate-cybersecurity.jpg\",\"width\":383,\"height\":254},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/zloader-campaign-uses-excel-4-0-macros\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Infoblox Threat Intel\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/category\\\/threat-intelligence\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Zloader Campaign Uses Excel 4.0 Macros\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"name\":\"infoblox.com\\\/blog\\\/\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\",\"name\":\"Infoblox\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"width\":137,\"height\":30,\"caption\":\"Infoblox\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/b6aed8965e3298a0817c16d32c0a67ae\",\"name\":\"Infoblox Threat Intel\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"url\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"contentUrl\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"caption\":\"Infoblox Threat Intel\"},\"description\":\"Infoblox Threat Intel is the leading creator of original DNS threat intelligence, distinguishing itself in a sea of aggregators. What sets us apart? Two things: mad DNS skills and unparalleled visibility. DNS is notoriously tricky to interpret and hunt from, but our deep understanding and unique access to the internet's inner workings allow us to track down threat actors that others can't see. We're proactive, not just defensive, using our insights to disrupt cybercrime where it begins. We also believe in sharing knowledge to support the broader security community by publishing detailed research and releasing indicators on GitHub. In addition, our intel is seamlessly integrated into our Infoblox Protective DNS solutions, so customers automatically get its benefits, along with ridiculously low false positive rates.\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/author\\\/infoblox-threat-intel\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Zloader Campaign Uses Excel 4.0 Macros","description":"In mid-April, we observed a malicious spam (malspam) campaign using Microsoft Excel documents to deliver Zloader malware via Excel 4.0 macros, also known as XLM macros. Excel 4.0 macros are the precursor to VBA macros and contain similar functionality. Threat actors use Excel 4.0 macros due to their:","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/zloader-campaign-uses-excel-4-0-macros\/","og_locale":"en_US","og_type":"article","og_title":"Zloader Campaign Uses Excel 4.0 Macros","og_description":"In mid-April, we observed a malicious spam (malspam) campaign using Microsoft Excel documents to deliver Zloader malware via Excel 4.0 macros, also known as XLM macros. Excel 4.0 macros are the precursor to VBA macros and contain similar functionality. Threat actors use Excel 4.0 macros due to their:","og_url":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/zloader-campaign-uses-excel-4-0-macros\/","og_site_name":"Infoblox Blog","article_published_time":"2020-04-28T20:57:53+00:00","article_modified_time":"2024-04-26T20:21:26+00:00","og_image":[{"width":383,"height":254,"url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-higher-ed-optimize-automate-cybersecurity.jpg","type":"image\/jpeg"}],"author":"Infoblox Threat Intel","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Infoblox Threat Intel","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/zloader-campaign-uses-excel-4-0-macros\/#article","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/zloader-campaign-uses-excel-4-0-macros\/"},"author":{"name":"Infoblox Threat Intel","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/b6aed8965e3298a0817c16d32c0a67ae"},"headline":"Zloader Campaign Uses Excel 4.0 Macros","datePublished":"2020-04-28T20:57:53+00:00","dateModified":"2024-04-26T20:21:26+00:00","mainEntityOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/zloader-campaign-uses-excel-4-0-macros\/"},"wordCount":200,"publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/zloader-campaign-uses-excel-4-0-macros\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-higher-ed-optimize-automate-cybersecurity.jpg","keywords":["Security","Threat Intelligence","Zloader"],"articleSection":["Infoblox Threat Intel"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/zloader-campaign-uses-excel-4-0-macros\/","url":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/zloader-campaign-uses-excel-4-0-macros\/","name":"Zloader Campaign Uses Excel 4.0 Macros","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/zloader-campaign-uses-excel-4-0-macros\/#primaryimage"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/zloader-campaign-uses-excel-4-0-macros\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-higher-ed-optimize-automate-cybersecurity.jpg","datePublished":"2020-04-28T20:57:53+00:00","dateModified":"2024-04-26T20:21:26+00:00","description":"In mid-April, we observed a malicious spam (malspam) campaign using Microsoft Excel documents to deliver Zloader malware via Excel 4.0 macros, also known as XLM macros. Excel 4.0 macros are the precursor to VBA macros and contain similar functionality. Threat actors use Excel 4.0 macros due to their:","breadcrumb":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/zloader-campaign-uses-excel-4-0-macros\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.infoblox.com\/blog\/threat-intelligence\/zloader-campaign-uses-excel-4-0-macros\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/zloader-campaign-uses-excel-4-0-macros\/#primaryimage","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-higher-ed-optimize-automate-cybersecurity.jpg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-higher-ed-optimize-automate-cybersecurity.jpg","width":383,"height":254},{"@type":"BreadcrumbList","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/zloader-campaign-uses-excel-4-0-macros\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.infoblox.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Infoblox Threat Intel","item":"https:\/\/www.infoblox.com\/blog\/category\/threat-intelligence\/"},{"@type":"ListItem","position":3,"name":"Zloader Campaign Uses Excel 4.0 Macros"}]},{"@type":"WebSite","@id":"https:\/\/www.infoblox.com\/blog\/#website","url":"https:\/\/www.infoblox.com\/blog\/","name":"infoblox.com\/blog\/","description":"","publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.infoblox.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.infoblox.com\/blog\/#organization","name":"Infoblox","url":"https:\/\/www.infoblox.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","width":137,"height":30,"caption":"Infoblox"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/b6aed8965e3298a0817c16d32c0a67ae","name":"Infoblox Threat Intel","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_397_1714162589-96x96.png","url":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_397_1714162589-96x96.png","contentUrl":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_397_1714162589-96x96.png","caption":"Infoblox Threat Intel"},"description":"Infoblox Threat Intel is the leading creator of original DNS threat intelligence, distinguishing itself in a sea of aggregators. What sets us apart? Two things: mad DNS skills and unparalleled visibility. DNS is notoriously tricky to interpret and hunt from, but our deep understanding and unique access to the internet's inner workings allow us to track down threat actors that others can't see. We're proactive, not just defensive, using our insights to disrupt cybercrime where it begins. We also believe in sharing knowledge to support the broader security community by publishing detailed research and releasing indicators on GitHub. In addition, our intel is seamlessly integrated into our Infoblox Protective DNS solutions, so customers automatically get its benefits, along with ridiculously low false positive rates.","url":"https:\/\/www.infoblox.com\/blog\/author\/infoblox-threat-intel\/"}]}},"_links":{"self":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/5134","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/users\/397"}],"replies":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/comments?post=5134"}],"version-history":[{"count":3,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/5134\/revisions"}],"predecessor-version":[{"id":5137,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/5134\/revisions\/5137"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media\/4882"}],"wp:attachment":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media?parent=5134"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/categories?post=5134"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/tags?post=5134"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}