Malicious Office (OLE) / .XLS — malware analysis report

Static analysis result for SHA-256 26dcc4d32bd67740…

MALICIOUS

Office (OLE) / .XLS

70.0 KB Created: 2007-08-01 07:19:18 Authoring application: Microsoft Excel
MD5: 97c7bd5613c3593704f156dc5db62f7f SHA-1: c1644becc5ef2673ff46808ceb31d1ba5383f119 SHA-256: 26dcc4d32bd67740e8337c25ecdfd3fd6b51446437f2449cc1a0853f7a7b308c
60 Risk Score

Malware Insights

MITRE ATT&CK
T1059.005 Visual Basic

The file is an Excel spreadsheet containing a large VBA macro. The presence of an Auto_Open macro indicates that malicious code is intended to execute automatically upon opening the file. The macro source is 38040 bytes, suggesting significant functionality, likely for downloading and executing a secondary payload, though the specific actions are not detailed in the provided evidence.

Heuristics 2

  • Auto_Open macro high OLE_VBA_AUTO
    Auto_Open macro
  • VBA macros detected medium OLE_VBA_MACROS
    Document contains VBA macro code

Extracted artifacts 1

Files carved from inside the sample during analysis.

FilenameKindSourceSize
macros.bas
821513e336c1ae89cc348efc11496decd2c684be7429fa2c5c28466ed53114d0		 vba-macro oletools.olevba.extract_macros (decoded VBA source) 38040 bytes

Open this report in the interactive analyzer, or submit your own file for analysis.