Office (OLE) / .EXE malware analysis — malicious · 3e1b80e39182a2f1

MALICIOUS

Office (OLE) / .EXE

11.5 KB Created: 1997-02-19 15:51:00 Authoring application: Microsoft Word for Windows 95

MD5: 41dfd9a79d0d561f0061ad1f8371d687 SHA-1: 8b24195f73341d3e2205261a2b4fcce33ec9d679 SHA-256: 3e1b80e39182a2f1585529e41527d44d31ca294674f9903204030d8f8d657b95

60 Risk Score

Malware Insights

The file is detected as "Doc.Trojan.Wazzu-6" by ClamAV, indicating a known trojan. The document body contains strings like "This is a Macro Goat File. Infected with Wazzu.J Virus." and "You MAY be infected already!". It also references local file paths and a network share, suggesting potential infection vectors or dropped files. The presence of 'autoOpen' and 'AUTOOPEN' suggests a macro that executes automatically upon opening the document.

Heuristics 1

ClamAV: Doc.Trojan.Wazzu-6 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Doc.Trojan.Wazzu-6

Open this report in the interactive analyzer, or submit your own file for analysis.