Concept — Office (OLE) / .EXE malware analysis

Static analysis result for SHA-256 33d8cc81d1e8c7bb…

MALICIOUS

Office (OLE) / .EXE

Size: 14.5 KB
Created: 1997-11-18 16:24:00
Authoring application: Microsoft Word for Windows 95
MD5: 772f8cd3420c22cc933a9fd826c5ab1f
SHA-1: 8a4721c98d7f5779d678e8a4a2bf18f430e5f0e2
SHA-256: 33d8cc81d1e8c7bbaf7cafbfd81b03ed585f4d95b1f7c3448894c61e8d5e5d7c
Risk Score: 60

Malware Insights

Concept · confidence 95%

The file is detected as Win.Trojan.Concept-8 by ClamAV, indicating it belongs to the Concept malware family. The DOC BODY and OFFICE FACTS reveal that the sample attempts to install 'AutoClose' and 'PayLoad' macros into the 'Normal.dot' template, which is a common technique for establishing persistence and facilitating the spread of macro-based malware. The embedded text explicitly mentions installing macros to 'help prevent the spread and contraction of the prank macros' and cleaning the Normal template, further supporting this analysis.

Heuristics (1)

  • ClamAV: Win.Trojan.Concept-8 · critical · CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Trojan.Concept-8