With the rapid developments in internet, users share information through document files generated through online or offline office software. Due to implicit trust on the web and wide acceptance of these document files (such as PDF, DOC, Office Open XML), users share documents on the web by trusting third-party services which can be easily exploited by cybercriminals to inject malicious code (Malware) into the document files by various means of exploitations. These exploitations are undetectable and easily evaded on antivirus software which makes the problem of malware detection and classification even more complex. In recent years, the attacks that leverage office documents have gradually increased and thus harder to detect since malware authors use various ways to inject malicious code on to the office documents. They offer flexibility in document structure with numerous features for attackers to exploit. In this paper, a broad classification of macro based malicious document attack is provided along with a detailed description of the attack opportunities available using office documents. A hybrid malware analysis technique is proposed which thoroughly analyze the file for any macro attacks along with decision paradigms such as machine learning is used to detect and classify the malicious document present in Microsoft Office applications such as Word, Excel, Power point.