Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 0eb44dfad9ffe4a2…

MALICIOUS

Office (OLE)

Size: 7.5 KB
Created: 1999-07-26 03:31:00
Authoring application: Microsoft Word 6.0
First seen: 2012-06-14
MD5: aa12a6a319422b2f6d04ed1160a553a2
SHA-1: e073c5c7b45319fd450221240da9a4a97335ccbb
SHA-256: 0eb44dfad9ffe4a2da29fe01b9ee2cc519016fc70554ef5cf0d3423db992ebb3
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1204.002 Malicious File

The file was detected as Win.Trojan.Deviator-1 by ClamAV, indicating malicious intent. The embedded document metadata, including file paths and author names like 'Deviator/HAZARD', suggests an attempt to obfuscate the true nature of the file and potentially mislead analysis. The presence of these paths and names within the document body points to a malicious document designed to appear as a benign text file.

Heuristics 1

  • ClamAV: Win.Trojan.Deviator-1 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Trojan.Deviator-1