Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 05ce0c105fc8de72…

MALICIOUS

Office (OLE)

12.0 KB Created: 1996-03-16 12:07:00 Authoring application: Microsoft Word for Windows 95 First seen: 2012-06-14
MD5: d03aec6917801db9c4e20b5fe40bdfcc SHA-1: fac0913aa2bcf7329f195c8c046cec82c872ed94 SHA-256: 05ce0c105fc8de72e96888474cf1f3025c8e9364be60c62ccada7519dd1e969d
60 Risk Score

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The file is detected as a known macro virus by ClamAV. The document body explicitly warns the user about a potential macro virus infection and mentions 'Word.Macro.ITALIAN Virus' and 'CYBERLORD!!', indicating a social engineering attempt to scare the user. The presence of multiple identical macro-related strings suggests a macro-based infection vector.

Heuristics 1

  • ClamAV: Doc.Trojan.Italian-11 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Doc.Trojan.Italian-11

Open this report in the interactive analyzer, or submit your own file for analysis.