Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 143efcb4d1787747…

MALICIOUS

Office (OLE)

Size: 36.0 KB
Authoring application: Microsoft Excel
First seen: 2012-06-14
MD5: 5d6b555f89ce4e8d9ea72dcc74e89818
SHA-1: 056b81ff1c52f0986156a2c8f84fe23e4f7e05b6
SHA-256: 143efcb4d17877476e822a79f66c2a78c02d6e5c534696a307f9204aa19dde8c
Risk Score: 60

Malware Insights

MITRE ATT&CK
  • T1059.005 Visual Basic
  • T1566.001 Spearphishing Attachment

The critical heuristic firing for OLE_XLS5_LAROUX_MACRO_VIRUS indicates the presence of a known macro virus within the Excel 5 file. This type of macro is designed to execute malicious code upon opening the document, likely attempting to download and execute further payloads or perform other malicious actions. The document body content appears corrupted or non-standard, providing no additional context for the macro's specific purpose.

Heuristics (1)

  • Excel 5 Laroux/Larou-CV macro-virus marker cluster (severity: critical; rule: OLE_XLS5_LAROUX_MACRO_VIRUS)
    Legacy Excel workbook contains a Laroux/Larou-CV macro-virus marker cluster including auto_open execution and workbook/module replication strings. This is a narrow indicator for an infected legacy Excel macro workbook.