Malicious Office (OLE) / .DOC — malware analysis report

Static analysis result for SHA-256 14b43a8f6e6115f0…

MALICIOUS

Office (OLE) / .DOC

Size: 22.5 KB
Created: 2009-05-22 18:50:00
Authoring application: Microsoft Word 10.0
MD5: b9cd1553d557557c3504f8cc41de9fe9
SHA-1: d2afeb341bbf2312d82949df922e5709444ffc34
SHA-256: 14b43a8f6e6115f0a685be490cd5bb477e3a655f9bc605e2340af2020fbcdefe
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The sample is a malicious Word document containing VBA macros. The Document_Open subroutine attempts to disable macro security warnings and then uses Outlook to send copies of the document to contacts, likely as part of a phishing or spam campaign. The macro also attempts to infect the Normal template and the current document with its code.

Heuristics (1)

  • ClamAV: Doc.Trojan.Venom-1 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Doc.Trojan.Venom-1