Malicious Office (OLE) / .EXE — malware analysis report

Static analysis result for SHA-256 2bb33917da775c9e…

MALICIOUS

Office (OLE) / .EXE

Size: 13.5 KB
Created: 1980-01-04 11:41:45
Authoring application: Microsoft Excel
MD5: 985a74d2fece7740e28282421396d9b9
SHA-1: 5e507b475904887c82e84af3df4600e25d9e9451
SHA-256: 2bb33917da775c9ec9b77c0b6a3f1b2065fdd1b83f7c2063ae67292733ecdd54
Risk Score: 62

Malware Insights

MITRE ATT&CK
T1059.005 Visual Basic

The critical heuristic firing for OLE_XLS5_LAROUX_MACRO_VIRUS indicates this is a known type of macro virus. The presence of markers like 'laroux', 'auto_open', and 'PERSONAL.XLS' strongly suggests its malicious intent and potential for self-propagation within Excel environments. No VBA macros could be extracted for further analysis.

Heuristics (2)

  • [critical] Excel 5 Laroux macro-virus marker cluster (OLE_XLS5_LAROUX_MACRO_VIRUS)
    Legacy Excel workbook contains the Laroux macro-virus marker cluster including the hidden laroux module, auto_open/check_files routines, and PERSONAL.XLS replication strings. This is a narrow indicator for an infected legacy Excel macro workbook.
  • [info] Unsupported Office format for VBA extraction (OFFICE_FORMAT_UNSUPPORTED)
    olevba could not extract VBA macros (PermissionError); format-agnostic byte-level scans still ran. Likely legacy, encrypted, or malformed OLE/OOXML — re-scanning the same bytes will yield the same outcome.