Malicious Office (OLE) / .DOC — malware analysis report

Static analysis result for SHA-256 00efa04b2c8cbd80…

MALICIOUS

Office (OLE) / .DOC

70.2 KB
MD5: 6347f1ac2ad661afc8d227e0f6e56ed9
SHA-1: 5783c3633775a791d1b25b6e3f09b79e5849ff02
SHA-256: 00efa04b2c8cbd806300dc2aa9a64e9bb77c2cce4cb6cd4d8f457df70e361b7a
Risk Score: 80

Malware Insights

The sample is a password-encrypted Office document that also has a malformed structure, specifically CFB FAT corruption. This combination prevents the extraction of any plaintext content or embedded scripts, so the specific attack vector or payload cannot be determined. The encryption and malformation are strong indicators of malicious intent, likely intended to evade static analysis.

Heuristics (2)

  • Encrypted Office package with CFB FAT corruption (severity: critical, rule: OLE_ENCRYPTED_AND_MALFORMED)
    Encrypted-package shape co-occurs with FAT-chain corruption — the documented combined evasion form.
  • Office document is password-encrypted (severity: medium, rule: OFFICE_ENCRYPTED_PACKAGE)
    OLE container holds MS-OFFCRYPTO encrypted package (Standard Encryption (Office 2007, AES)).