Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 26e8ecdff505b146…

MALICIOUS

Office (OLE)

Size: 14.5 KB
Created: 1996-08-30 12:57:00
Authoring application: Microsoft Word for Windows 95
First seen: 2012-06-14
MD5: a233ac7efc8fc1465efe7968d740c0e1
SHA-1: de99cb270d6959f8df593eb0c67f4e1473659177
SHA-256: 26e8ecdff505b146d1219d4533d321e4b790c6255571473ffc37d4e3b28ee532
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The file is detected as Win.Trojan.Gangsterz-1 by ClamAV, indicating it is a known piece of malware. The document body contains text referencing 'Word Macro Virus' and 'Big Daddy Cool', suggesting a macro-based threat. While no specific IOCs like URLs or hashes were extracted, the heuristic detection and document content point towards a malicious macro payload.

Heuristics (1)

  • ClamAV: Win.Trojan.Gangsterz-1 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Trojan.Gangsterz-1