Win.Trojan.Laroux-10 — Office (OLE) malware analysis

Static analysis result for SHA-256 40ad96fe4f34f055…

MALICIOUS

Office (OLE)

Size: 20.5 KB
First seen: 2012-06-14
MD5: 75fbd898e0c2126497cacc213bb070dd
SHA-1: cbdc28850523c0a10521cd5e6260efcc16468bfd
SHA-256: 40ad96fe4f34f0552277317910de2315a54b5049ce9da1a87ea66dcf11f256bb
Risk Score: 120

Malware Insights

Win.Trojan.Laroux-10 · confidence 95%

MITRE ATT&CK
T1059.005 Visual Basic

The file is identified as Win.Trojan.Laroux-10, a known macro virus. The presence of Laroux markers and the ClamAV detection strongly indicate that it is malicious. Macro viruses like this are typically used to download and execute further stages of malware, often through embedded scripts or external resources.

Heuristics 2

  • ClamAV: Win.Trojan.Laroux-10 (critical, CLAMAV_DETECTION)
    ClamAV detected this file as malware: Win.Trojan.Laroux-10
  • Excel 5 Laroux/Larou-CV macro-virus marker cluster (critical, OLE_XLS5_LAROUX_MACRO_VIRUS)
    Legacy Excel workbook contains a Laroux/Larou-CV macro-virus marker cluster including auto_open execution and workbook/module replication strings. This is a narrow indicator for an infected legacy Excel macro workbook.