Malicious Office (OLE) / .VXE — malware analysis report

Static analysis result for SHA-256 3e6daa1f8256dda8…

MALICIOUS

Office (OLE) / .VXE

Size: 183.5 KB
Created: 2004-09-28 09:08:01
Authoring application: Microsoft Excel
MD5: fd29e82eb93cd65878934cc7b221f499
SHA-1: c5a4cfc8e283061ebe888f48ee22893c977b747d
SHA-256: 3e6daa1f8256dda8f025dd66d0682f19347d0060f76b6baac6265c4c3802fd99
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1059.005 Visual Basic for Applications

The file is identified as a legacy Excel macro virus, specifically 'Poppy by VicodinES' and 'XF.Classic'. The heuristics indicate it's an Excel Formula Macro Virus. The embedded document text contains references to the virus names and its origins, suggesting its primary function is to infect other Excel files. No network IOCs or further execution details were extracted.

Heuristics (1)

  • Legacy Excel formula macro virus marker (critical; OLE_XLS_FORMULA_MACRO_VIRUS)
    Workbook stream contains self-identifying legacy Excel formula macro virus markers. This indicates the document carries formula macro virus content even when no VBA project or modern XLM macro-sheet structure is present.