Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 00d12ffd6ab3f010…

MALICIOUS

Office (OLE)

Size: 352.0 KB
Created: 2010-02-15 16:24:00
Authoring application: Microsoft Word 8.0
MD5: 0bb6360de7b359e81d1883b59b6f743f
SHA-1: 73f51c39eb8476b409af961d128979e202743cc7
SHA-256: 00d12ffd6ab3f01045c0adb93700aa92a5d893f41afee546aca22f3010a93bbb
Risk Score: 62

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The file is detected as Doc.Trojan.Spatch-1 by ClamAV. The document body presents itself as a repertoire list for a musical performance, likely a social engineering lure. It contains an embedded URL, http://www.soundslife.ru; embedding URLs in documents is a common tactic for delivering malicious payloads or redirecting users to phishing sites.

Heuristics 2

  • ClamAV: Doc.Trojan.Spatch-1 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Doc.Trojan.Spatch-1
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://www.soundslife.ru