MALICIOUS
80
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The critical ClamAV heuristic and the medium OOXML_EXTERNAL_REL heuristic indicate that this Office document contains an external relationship pointing to a remote script. This suggests the document is designed to download and execute a second-stage payload from the specified URL, likely as part of a phishing campaign.
Heuristics 2
-
ClamAV: Doc.Downloader.PPTRemoteScript-6838713-0 critical CLAMAV_DETECTIONClamAV detected this file as malware: Doc.Downloader.PPTRemoteScript-6838713-0
-
External relationship medium OOXML_EXTERNAL_RELExternal target in ppt/slides/_rels/slide1.xml.rels: script:http:\\commail.co:5453\qqqzqa
Open this report in the interactive analyzer, or submit your own file for analysis.