Win.Trojan.NPad-1 — Office (OLE) / .DOT malware analysis

Static analysis result for SHA-256 06afe25778921da6…

MALICIOUS

Office (OLE) / .DOT

11.0 KB Created: 1601-01-01 00:00:00 Authoring application: Microsoft Word 6.0
MD5: adef9437fe3ec9fee56c8e1d2220b1e4 SHA-1: 467dbb06f650f5e9d0673ad223c9e9efb2e6420f SHA-256: 06afe25778921da6b7256a435d13ed79b86e8aa53a32aa985ec76503b03d2784
60 Risk Score

Malware Insights

Win.Trojan.NPad-1 · confidence 95%

The file is identified as a malicious Word template by ClamAV, specifically Win.Trojan.NPad-1. The document body contains numerous VBA macro-related keywords and function names, strongly indicating the presence and execution of Visual Basic for Applications code. This macro code is likely responsible for downloading and executing the NPad malware.

Heuristics 1

  • ClamAV: Win.Trojan.NPad-1 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Trojan.NPad-1

Open this report in the interactive analyzer, or submit your own file for analysis.