Malicious Office (OLE) / .PPT — malware analysis report

Static analysis result for SHA-256 22a445356eb40984…

MALICIOUS

Office (OLE) / .PPT

Size: 616.5 KB
Created: 1601-01-01 00:00:00
Authoring application: Microsoft PowerPoint
MD5: 5fcb60c6073d584f31fabeeae361d377
SHA-1: 8eacaee99f4f0c99c082f6085eb141af338de4de
SHA-256: 22a445356eb4098431d5385f3f4f7251fa5c4d661373e9c69b910bb9afbafc89
Risk Score: 140

Malware Insights

MITRE ATT&CK
  • T1204.002 Malicious File
  • T1059.001 PowerShell

The file's metadata and ClamAV detection strongly suggest it is a malicious exploit. The presence of LoadLibrary and GetProcAddress API calls further supports the likelihood of it being a trojan or exploit loader. No document body or script content was available for further analysis, limiting the ability to determine the specific attack vector or payload.

Heuristics (3)

  • ClamAV: Win.Trojan.Exploit-110 | critical | CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Trojan.Exploit-110
  • Reference to LoadLibrary API | high | SC_STR_LOADLIBRARY
  • Reference to GetProcAddress API | high | SC_STR_GETPROCADDRESS