Malicious Office (OLE) / .EXE — malware analysis report

Static analysis result for SHA-256 2e52aa0d5ee95b04…

MALICIOUS

Office (OLE) / .EXE

7.0 KB
Created: 1997-03-15 21:28:00
Authoring application: Microsoft Word 6.0
MD5: 7a8af99a32af2d56592d51ab763afc34
SHA-1: de2d7f2f635be326d18c13666c802bc85bb7500e
SHA-256: 2e52aa0d5ee95b046b8e5cb8171199199fff218d3bdb840053bbd3e66a189353
60 Risk Score

Malware Insights

MITRE ATT&CK
T1059.001 PowerShell

The file is identified as a malicious OLE executable by ClamAV with the signature 'Doc.Trojan.Wazzu-6'. The presence of 'autoOpen' and 'fileMacro$' in the document body suggests macro-based execution. The path 'C:\WAZZU-AJ.DOC' is also extracted, potentially indicating a dropped file or a lure document. The exact payload or exploit mechanism is not clear from the provided heuristics, leading to a moderate confidence score.

Heuristics 1

  • ClamAV: Doc.Trojan.Wazzu-6 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Doc.Trojan.Wazzu-6