Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 3324e55374cdc542…

MALICIOUS

Office (OLE)

108.0 KB
Created: 2003-08-19 04:23:00
Authoring application: Microsoft Word 8.0
MD5: d14a3408cad3d19ec14e5ce5f3b77358
SHA-1: 69b071989cce2ae22a05103c47bc16b6715a2681
SHA-256: 3324e55374cdc54229244dd997f0115e7478512195a8c0b62b889d329607ef3c
60 Risk Score

Malware Insights

MITRE ATT&CK
  • T1059.005 Visual Basic for Applications
  • T1566.001 Spearphishing Attachment

The file is an OLE document containing VBA macros, specifically an AutoOpen macro, which is a common technique for executing malicious code upon opening. The document body content, while appearing benign, serves as a lure to encourage macro execution. No specific malware family could be identified from the available heuristics.

Heuristics 2

  • AutoOpen macro high OLE_VBA_AUTOOPEN
    AutoOpen macro
  • VBA macros detected medium OLE_VBA_MACROS
    Document contains VBA macro code

Extracted artifacts 1

Files carved from inside the sample during analysis.

Filename: macros.bas
          d19862a71aff431f73ec3a529505d1574d686aa9648b76244a6967fbcd3fcfda
Kind: vba-macro
Source: oletools.olevba.extract_macros (decoded VBA source)
Size: 1209 bytes