Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 16e216aafa2afc1b…

MALICIOUS

Office (OLE)

21.0 KB
Created: 1997-02-20 02:04:00
Authoring application: Microsoft Word for Windows 95
MD5: 1a3125181324bd2bc9fd75cc8e7ead4d
SHA-1: 84caf8c77f82f5be58dee8fefd01d0f17b190a4b
SHA-256: 16e216aafa2afc1b7d07bcbbd73c81b900a252ff4699558ecde41bd4bbbc0132
Risk Score: 60

Malware Insights

MITRE ATT&CK
  • T1203 Exploitation for Client Execution
  • T1566.001 Spearphishing Attachment

The file is an OLE document with a high risk score and is detected by ClamAV as Win.Trojan.Macro-11. The document's metadata indicates it was created in 1997, suggesting it may exploit a known vulnerability in older Microsoft Word versions. While no specific VBA or script content was extracted, the heuristic detection and file type strongly indicate an exploit targeting client execution, likely delivered via spearphishing.

Heuristics 1

  • ClamAV: Win.Trojan.Macro-11 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Trojan.Macro-11