Gosh, I'm on the fence on this one.

Paul seems to be providing us with some really great stuff with no ill intent at all, so I'm hesitant to give him too hard a time.

Also, I agree that this approach would be a pretty primitive approach to malware. Once someone allows the running of Excel macros, they've opened themselves up regardless of whether some binary executable is exported or not. The VBA can be quite harmful, if someone wishes to do that.

Also, whatever this binary is, it's got to be "portable" or this approach isn't going to work. Although, I suspect that most email-type viruses are portable.

IDK, I just don't see any immediate ill-intent here.