Malicious Office (OLE) / .DOC — malware analysis report

Static analysis result for SHA-256 2ba12f4837e6688a…

MALICIOUS

Office (OLE) / .DOC

Size: 64.0 KB
Created: 2021-06-14 11:06:00
Authoring application: Microsoft Office Word
MD5: 8d73b0e61b36bfd6c98aaa23b8211d8b
SHA-1: 5944371ad9ab5a7d37be8631a2b625439b5bf814
SHA-256: 2ba12f4837e6688a192af6cbb631c9bfcf2bcdb72a530fc39266fe6c3a1b2778
Risk Score: 62

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The document exhibits characteristics of an advance-fee scam, including language related to lotteries, prizes, and parcel delivery requirements. It also contains a callback lure, prompting the user to contact a phone number under the guise of billing or security issues. No scripts were extracted from this sample, and the embedded URL is a schema URL, not a malicious one.

Heuristics (3)

  • Advance-fee lottery/parcel scam lure (severity: high, rule: SE_ADVANCE_FEE_SCAM_LURE)
    Document contains lottery/beneficiary or prize language together with large-value draft/funds wording and parcel/courier delivery requirements. This is a classic advance-fee fraud document shape.
  • Callback phishing phone lure (severity: medium, rule: SE_CALLBACK_LURE)
    Document asks the user to call a phone number in billing, refund, subscription, fraud, or security context — consistent with callback phishing or tech-support scam patterns.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — context-specific rules above attribute URLs they actually evaluated; this rule lists URLs that were present in the bytes but were not otherwise tied to a specific finding.
    URL: http://schemas.openxmlformats.org/drawingml/2006/main