Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 0d680a893afe6a74…

MALICIOUS

Office (OLE)

Size: 59.5 KB
Authoring application: Microsoft Excel
First seen: 2012-06-14
MD5: 160fe76217d096622e9d60ccad7b9b30
SHA-1: afbb2e37bb2bab890830e92213ffeefe7733c729
SHA-256: 0d680a893afe6a74076ca5ebb0e8edb0f877aca4c36f31bfc6da5b06e59bbe00
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1059.005 Visual Basic

The file contains markers indicative of the Excel 5 Laroux macro virus. This family of malware is known to execute malicious VBA code upon opening, often for the purpose of downloading and executing additional payloads or performing other malicious actions. No specific IOCs were extracted, but the presence of the Laroux marker strongly suggests malicious intent.

Heuristics (1)

  • [critical] Excel 5 Laroux/Larou-CV macro-virus marker cluster (OLE_XLS5_LAROUX_MACRO_VIRUS)
    Legacy Excel workbook contains a Laroux/Larou-CV macro-virus marker cluster including auto_open execution and workbook/module replication strings. This is a narrow indicator for an infected legacy Excel macro workbook.