MALICIOUS
Risk Score: 60
Malware Insights
MITRE ATT&CK
T1027 Obfuscated Files or Information
The primary finding is the use of XOR-encoded strings with a key of 0x46, a common technique for evading static analysis. The document body contains placeholder text and does not provide further clues about the specific malicious intent. No other malicious indicators were extracted.
Heuristics 1
- XOR-encoded strings (key 0x46) | Severity: critical | SC_XOR_ENCODED
  Found 3 Windows library/API name(s) XOR-encoded with single-byte key 0x46: 'shlwapi.dll', 'VirtualAlloc', 'CreateProcessA'