Malicious Office (OOXML) — malware analysis report

Static analysis result for SHA-256 0203bb9953af65d6…

MALICIOUS

Office (OOXML)

File size: 12.2 KB
Authoring application: Microsoft Macintosh Excel 16.0300
First seen: 2022-07-02
MD5: e9dce07b19fcedc955f41f18003312db
SHA-1: 9f84f5b20250295b0d08fd54b23621af53a87611
SHA-256: 0203bb9953af65d62a790836b6290bec348713c2fb9b14685249dfd184a4c779
Risk Score: 60

Heuristics 1

  • Spreadsheet DDE link launches a dangerous command (severity: critical; rule: OOXML_SPREADSHEET_DDE_MALICIOUS)
    Excel workbook contains an externalLinks/ddeLink entry whose ddeService/ddeTopic launches a dangerous executable. This is SpreadsheetML DDE command execution, distinct from WordprocessingML DDE field instructions.