Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 3ddee507b5c314c1…

MALICIOUS

Office (OLE)

45.5 KB | Created: 2002-06-27 12:42:35 | Authoring application: Microsoft Excel | First seen: 2015-09-20
MD5: 3074d3f8f90b7de764ab2ec5ba66a370
SHA-1: b6e3fa89600c509fc144d91ae60f86a973ab3e74
SHA-256: 3ddee507b5c314c1c59e66545d626d0251d7d7660966d40cbc417853dffd394e
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1059.005 Visual Basic

The critical heuristic that fired indicates the presence of the Laroux-CV macro-virus, a known Excel 5 macro virus. The embedded macros suggest an attempt to spread or execute malicious code within the Excel environment. No specific IOCs were extracted from the document body or other sections.

Heuristics 1

  • Excel 5 Laroux/Larou-CV macro-virus marker cluster | critical | OLE_XLS5_LAROUX_MACRO_VIRUS
    Legacy Excel workbook contains a Laroux/Larou-CV macro-virus marker cluster including auto_open execution and workbook/module replication strings. This is a narrow indicator for an infected legacy Excel macro workbook.