Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 2d260a1e59383139…

MALICIOUS

Office (OLE)

11.5 KB Created: 1997-04-04 21:32:00 Authoring application: Microsoft Word for Windows 95
MD5: 1b0f8a78759bffd33307faefff759cd0 SHA-1: 57d495bc3e9be4435af6af4f59abcc22f8a5a6a9 SHA-256: 2d260a1e593831396288e1804c9f8adc55309838f7b2c54de99d779f2e5b65f7
60 Risk Score

Malware Insights

The sample is a Word 95 document containing a macro that attempts to achieve persistence by copying itself to the 'normal.dot' template. The macro is designed to execute automatically upon opening documents, indicated by the 'autoopen' subroutine. The presence of 'Win.Trojan.Minimal-57' detection further supports its malicious nature.

Heuristics 1

  • ClamAV: Win.Trojan.Minimal-57 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Trojan.Minimal-57

Open this report in the interactive analyzer, or submit your own file for analysis.