Malicious Office (OLE) / .EXE — malware analysis report

Static analysis result for SHA-256 2c3f6b36fa9b8b35…

MALICIOUS

Office (OLE) / .EXE

250.0 KB Created: 1999-12-16 23:37:48 Authoring application: Microsoft Excel
MD5: 65269ba20bff143704baf613e1d3fe48 SHA-1: 7b48bff3a2897c8a93b3dbc11ea27ce7422764ce SHA-256: 2c3f6b36fa9b8b35d1bed2213c854d861d5feb81ed239008148b7aee7a487c6d
60 Risk Score

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment T1059.005 Visual Basic

The file is an Excel OLE document with a high-severity heuristic indicating the presence of an Auto_Open VBA macro. This macro is likely intended to execute malicious code upon opening the document, a common technique for initial access. No specific IOCs were extracted, and the family could not be determined.

Heuristics 2

  • Auto_Open macro high OLE_VBA_AUTO
    Auto_Open macro
  • VBA macros detected medium OLE_VBA_MACROS
    Document contains VBA macro code

Extracted artifacts 1

Files carved from inside the sample during analysis.

FilenameKindSourceSize
macros.bas
9fa62a43159a2e914505e30e98ded8139a4f981fe9a3901dd3ca19ca3767a806		 vba-macro oletools.olevba.extract_macros (decoded VBA source) 1933 bytes

Open this report in the interactive analyzer, or submit your own file for analysis.