Malicious Office (OLE) / .DOCX — malware analysis report

Static analysis result for SHA-256 26342454904173c2…

MALICIOUS

Office (OLE) / .DOCX

Size: 11.0 KB
Created: 2006-03-09 12:15:00
Authoring application: Microsoft Word for Windows 95
MD5: 59bd079d005b17560df1dc3cf5b0b5dc
SHA-1: 866398c316fbab27dc5c74b96de7bb2a40902749
SHA-256: 26342454904173c28fd6bc33459b5ad3b60e095f0931ea0abf5d7d69e7f3a390
Risk Score: 60

Malware Insights

The file is detected as Win.Trojan.Rats-1 by ClamAV. The presence of VBA macros that reference the 'AutoOpen' and 'FileOpen' functions suggests an attempt to execute malicious code when the document is opened. Macro names such as 'DaniloffMuDaK' and 'WWUpdated' are indicative of custom or known malicious VBA routines. No specific IOCs beyond the ClamAV detection name were extracted.

Heuristics 1

  • ClamAV: Win.Trojan.Rats-1 (critical, CLAMAV_DETECTION)
    ClamAV detected this file as malware: Win.Trojan.Rats-1