Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 0e31c4da140a2c19…

MALICIOUS

Office (OLE)

Size: 178.5 KB
Created: 1999-08-03 06:50:48
Authoring application: Microsoft Excel
First seen: 2012-06-14
MD5: 1ef1ae4cdad2a02f6daf3dc22c0b5f0b
SHA-1: d910e13335a7fdbedfdbfc8c4bf8ad7413055a23
SHA-256: 0e31c4da140a2c19c9fa956ab8b54caf9b1ee42929bae1914c34e6ad51b3cd54
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1059.005 Visual Basic

The file is an Excel 5 OLE document identified as a macro virus. The heuristic that fired indicates the presence of the Laroux macro virus, known for its replication and infection capabilities. The document body contains a lure message, suggesting an attempt to deceive the user, and the presence of the macro indicates that it likely attempts to execute malicious actions when the document is opened.

Heuristics (1)

  • Excel 5 Laroux/Larou-CV macro-virus marker cluster | critical | OLE_XLS5_LAROUX_MACRO_VIRUS
    Legacy Excel workbook contains a Laroux/Larou-CV macro-virus marker cluster including auto_open execution and workbook/module replication strings. This is a narrow indicator for an infected legacy Excel macro workbook.