Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 413bba8bad932525…

MALICIOUS

Office (OLE)

16.5 KB Created: 1996-12-26 20:01:00 Authoring application: Microsoft Word 6.0 First seen: 2012-06-14
MD5: c528932092609ac0e81a0259bc32ae6f SHA-1: 81375a1cb938eb6ccb6eb601625838d2faa0c997 SHA-256: 413bba8bad932525380cb8223bd6bce55d6e949e73334cd9db01d904671f6fa7
60 Risk Score

Malware Insights

The file is identified as malicious by ClamAV with the signature Win.Trojan.Trojan-453. The document body explicitly states it is a 'polymorphic BlackKnight Virus' and mentions 'DEMOLITION KIT', indicating a malicious intent to act as a virus. It also references specific file paths that may be related to its operation or dropped components.

Heuristics 1

  • ClamAV: Win.Trojan.Trojan-453 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Trojan.Trojan-453

Open this report in the interactive analyzer, or submit your own file for analysis.