Malicious Office (OLE) / .EXE — malware analysis report

Static analysis result for SHA-256 2e1811e689186941…

MALICIOUS

Office (OLE) / .EXE

45.0 KB Created: 1999-02-08 09:24:15 Authoring application: Microsoft Excel
MD5: b6c8937d8401eb8138d52b2998e55aa8 SHA-1: 876901cdf64814e01b9bfa810ea8200348956c8a SHA-256: 2e1811e689186941a77f188997c83bd581624cbd66017315c7c8e3ff1dcbd804
60 Risk Score

Malware Insights

MITRE ATT&CK
T1059.005 Visual Basic

The file is an Excel OLE executable containing a VBA macro. The presence of an Auto_Open macro indicates that malicious code is intended to execute automatically when the file is opened. No specific family could be identified from the available heuristics, and no external IOCs were extracted.

Heuristics 2

  • Auto_Open macro high OLE_VBA_AUTO
    Auto_Open macro
  • VBA macros detected medium OLE_VBA_MACROS
    Document contains VBA macro code

Extracted artifacts 1

Files carved from inside the sample during analysis.

FilenameKindSourceSize
macros.bas
db4e9e4a8d29d4a4ffbf9bf883a5eb930f11f534d53cf322f5010b60fd0eb0ad		 vba-macro oletools.olevba.extract_macros (decoded VBA source) 3979 bytes

Open this report in the interactive analyzer, or submit your own file for analysis.