Malicious Office (OLE) / .XLS — malware analysis report

Static analysis result for SHA-256 24d26803a3f2cfaa…

MALICIOUS

Office (OLE) / .XLS

Size: 2.5 KB
First seen: 2026-04-13
MD5: b0feacb72ff7339d08595369f4f11c5b
SHA-1: bc899567f67212faa988563aa941860f47e0e364
SHA-256: 24d26803a3f2cfaa6c784c443afb9102abcfbe88af090cad3c4303545415baa4
Risk Score: 60

Malware Insights

MITRE ATT&CK
  • T1204.002 Malicious File
  • T1566.002 Spearphishing Attachment

The sample is an OLE file that fired a critical heuristic for CVE-2026-21509, indicating a security bypass vulnerability. The presence of a URL within the document body suggests it is intended to download and execute a secondary payload. The extracted URL is the primary indicator of compromise.

Heuristics (1)

  • OLE/COM security bypass — CVE-2026-21509 (Killbit/Protected View bypass): critical, CVE related, CVE_2026_21509