Malicious Office (OLE) / .DOC — malware analysis report

Static analysis result for SHA-256 3d3148a046d4fccf…

MALICIOUS

Office (OLE) / .DOC

Size: 384.5 KB
Created: 2010-04-14 14:45:00
Authoring application: Microsoft Office Word
MD5: b87dbf9d984c066d2bd7cdb85860a543
SHA-1: 985eea2d9426b35322b4d199af43131b2c3f53ff
SHA-256: 3d3148a046d4fccf260bbd95bcd5472e493a9ece0bda9459e85bb4261f1e1667
Risk Score: 60

Malware Insights

The file is detected as Win.Trojan.Trafox-3 by ClamAV. While no specific malicious scripts were extracted, the presence of an embedded URL and the ClamAV detection suggest a malicious document, likely designed to trick users into enabling macros to download further payloads. The document body is minimal, offering no further clues to the specific lure.

Heuristics (2)

  • ClamAV: Win.Trojan.Trafox-3 [critical, CLAMAV_DETECTION]
    ClamAV detected this file as malware: Win.Trojan.Trafox-3
  • Embedded URL [info, EMBEDDED_URL]
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL: http://schemas.openxmlformats.org/drawingml/2006/main