Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 37d7b5b6e812a8f5…

MALICIOUS

Office (OLE)

Size: 368.0 KB
Created: 1998-04-13 02:50:00
Authoring application: Microsoft Word for Windows 95
MD5: 130f99ea2fe415dca4e9c19759e2cd8c
SHA-1: 7dc8eea6a3d9c013b0889d49bfbb0daaeb6434a8
SHA-256: 37d7b5b6e812a8f53304585834b811d3b5c4e2f9a4ec5d880dcd31fd7c091a75
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1059.001 PowerShell

The file is identified as malicious by ClamAV with the signature Win.Trojan.Tm-1. The document body contains numerous file paths and printer-driver-related strings, suggesting an attempt to disguise or deliver malicious content. The presence of 'AUTOOPEN' and printer escape codes indicates potential macro execution or exploitation of document handling vulnerabilities. The exact payload or exploit mechanism is unclear due to the lack of script content, but the overall structure points to a trojan delivery attempt.

Heuristics 1

  • ClamAV: Win.Trojan.Tm-1 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Trojan.Tm-1