Office (OLE) / .XLS malware analysis — malicious · 193403eb9a2f0d5c

MALICIOUS

Office (OLE) / .XLS

55.5 KB Created: 2006-04-03 10:09:43

MD5: 752522fd65042f3d5196f4287e1370e7 SHA-1: af98d6836ad02a82d2cbcf7909653585ff981347 SHA-256: 193403eb9a2f0d5ce259ae458b20c4a6e72441af1c0c3ab5699444855113194a

60 Risk Score

Malware Insights

MITRE ATT&CK

T1059.005 Visual Basic

The file is an Excel spreadsheet containing a large amount of tabular data that mimics financial or personal information, suggesting a phishing or social engineering lure. The critical heuristic firing for 'OLE_XLS_FORMULA_MACRO_VIRUS' with markers like 'Poppy by VicodinES' indicates the presence of legacy macro-based malware, likely using Visual Basic for Applications (VBA). No specific IOCs beyond the heuristic markers were extracted.

Heuristics 1

Legacy Excel formula macro virus marker critical OLE_XLS_FORMULA_MACRO_VIRUS

Workbook stream contains self-identifying legacy Excel formula macro virus markers. This indicates the document carries formula macro virus content even when no VBA project or modern XLM macro-sheet structure is present.

Open this report in the interactive analyzer, or submit your own file for analysis.