Malicious Office (OLE) / .NJ- — malware analysis report

Static analysis result for SHA-256 09bb2ca7671ce3e9…

MALICIOUS

Office (OLE) / .NJ-

Size: 300.0 KB
Created: 1996-12-27 11:27:00
Authoring application: Microsoft Word 6.0
MD5: f30e6d40a4d3d40b6a129849933bc2a9
SHA-1: 7cad4032c96129fb0d23b99fa843961d8e8800e2
SHA-256: 09bb2ca7671ce3e97e9cfaed76bf8d3b2d6eab625e6866c50972a3a539f61a65
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1203 Exploitation for Client Execution

The file is identified as malicious by ClamAV with the signature Win.Tool.WM-11, indicating it's a known malware tool. The document metadata suggests it's an older Microsoft Word file (version 6.0), and the presence of 'AutoOpen' and embedded strings like 'C:\DLITION\WORD6\SVGA\DLITION.DOK' strongly suggests it's designed to exploit a vulnerability upon opening, likely leading to arbitrary code execution.

Heuristics (1)

  • ClamAV: Win.Tool.WM-11 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Tool.WM-11