Malicious Office (OOXML) — malware analysis report

Static analysis result for SHA-256 2ae75795078fc2a6…

MALICIOUS

Office (OOXML)

8.2 KB Created: 2006-09-16 00:00:00 UTC Authoring application: Microsoft Excel 15.0300 First seen: 2026-06-04
MD5: f75dd554d94e8c045f788476887b03fa SHA-1: f52729eb863f47cb3299eac5633968f2fc47d43e SHA-256: 2ae75795078fc2a680967a783ccbfa979e08df71985860aacd7ce4d924a35089
60 Risk Score

Heuristics 1

  • Spreadsheet DDE link launches a dangerous command critical OOXML_SPREADSHEET_DDE_MALICIOUS
    Excel workbook contains an externalLinks/ddeLink entry whose ddeService/ddeTopic launches a dangerous executable. This is SpreadsheetML DDE command execution, distinct from WordprocessingML DDE field instructions.

Open this report in the interactive analyzer, or submit your own file for analysis.