Malicious Office (OLE) / .EXE — malware analysis report

Static analysis result for SHA-256 3fc57a5aec998e16…

MALICIOUS

Office (OLE) / .EXE

53.5 KB Created: 1999-02-08 09:24:15 Authoring application: Microsoft Excel
MD5: 2219e80533a514c19a02bb1cb7b70716 SHA-1: 07bb48c254b113ef256cf14b2c11b1e2afdd26f5 SHA-256: 3fc57a5aec998e16be149044308ddaf8e961f728a5cbabede217e919cf247576
60 Risk Score

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment T1059.005 Visual Basic

The file is an Office document containing VBA macros, specifically an Auto_Open macro, which is a common technique for initial execution. The presence of an Auto_Open macro strongly suggests that the file is designed to run malicious code automatically upon opening. No specific family could be identified from the available heuristics.

Heuristics 2

  • Auto_Open macro high OLE_VBA_AUTO
    Auto_Open macro
  • VBA macros detected medium OLE_VBA_MACROS
    Document contains VBA macro code

Extracted artifacts 1

Files carved from inside the sample during analysis.

FilenameKindSourceSize
macros.bas
066f0ce645f6e041f217c4c68e52f1c8c98fce4687c2f6e4a7c68f601f58b529		 vba-macro oletools.olevba.extract_macros (decoded VBA source) 1847 bytes

Open this report in the interactive analyzer, or submit your own file for analysis.