Malicious Office (OLE) / .EXE — malware analysis report

Static analysis result for SHA-256 2369db2fdae52972…

MALICIOUS

Office (OLE) / .EXE

45.5 KB Created: 1999-04-04 15:09:56 Authoring application: Microsoft Excel
MD5: 7c09ed2327d2c69efbad4c0506f33bad SHA-1: 69f20dd38fdc5ec10b7b39a6d127d5d294ed3a56 SHA-256: 2369db2fdae52972403418d9d83798fcd493b45439ea61ca32e39317fa314b76
60 Risk Score

Malware Insights

MITRE ATT&CK
T1059.005 Visual Basic

The file is an Excel OLE document identified as malicious. It contains a VBA macro, specifically an Auto_Open macro, which is a common technique for executing malicious code automatically when the document is opened. No specific IOCs were extracted, but the presence of an Auto_Open macro strongly suggests an attempt to run arbitrary code.

Heuristics 2

  • Auto_Open macro high OLE_VBA_AUTO
    Auto_Open macro
  • VBA macros detected medium OLE_VBA_MACROS
    Document contains VBA macro code

Extracted artifacts 1

Files carved from inside the sample during analysis.

FilenameKindSourceSize
macros.bas
d178466d8cca3c7fb28de35c19bf897564bfaef3b7e6d82847287ec4e4354f7e		 vba-macro oletools.olevba.extract_macros (decoded VBA source) 1888 bytes

Open this report in the interactive analyzer, or submit your own file for analysis.