Malicious Office (OLE) / .TXT — malware analysis report

Static analysis result for SHA-256 2c4f051a28a1dea5…

MALICIOUS

Office (OLE) / .TXT

59.0 KB Created: 2000-06-14 14:38:00 Authoring application: Microsoft Word 8.0
MD5: 519cec0705c23065c482ea1772ffeee5 SHA-1: 02a058b132f8ec9fcfcd639597522fb98466e4aa SHA-256: 2c4f051a28a1dea53a596469094c4e05fd878e653b19de6f5589b907770fdf7c
60 Risk Score

Malware Insights

MITRE ATT&CK
T1059.005 Visual Basic

The file is an Office document containing VBA macros, specifically triggering an Auto_Close event. This indicates an attempt to automatically execute malicious code when the document is closed. No specific family could be identified, and no external IOCs were extracted from the provided evidence.

Heuristics 2

  • Auto_Close macro high OLE_VBA_AUTOCLOSE
    Auto_Close macro
  • VBA macros detected medium OLE_VBA_MACROS
    Document contains VBA macro code

Extracted artifacts 1

Files carved from inside the sample during analysis.

FilenameKindSourceSize
macros.bas
9eb77b7b0aec85a47374934427aa589bf0efda28e3c2cacac845194958fdc675		 vba-macro oletools.olevba.extract_macros (decoded VBA source) 2064 bytes

Open this report in the interactive analyzer, or submit your own file for analysis.