Win.Trojan.GhostPuppet — Office (OLE) malware analysis

Static analysis result for SHA-256 41d3b14170f13def…

MALICIOUS

Office (OLE)

32.0 KB First seen: 2019-09-30
MD5: 9bd7f3ea0b23f9d8092b2c0115ab76b2 SHA-1: dfd2248de3f7d018c335cc286c120c0639d165af SHA-256: 41d3b14170f13def49100fa426cb2f9d3e27dd630acdf78cda8ca2504ca52a48
60 Risk Score

Malware Insights

Win.Trojan.GhostPuppet · confidence 95%

ClamAV signature Win.Trojan.GhostPuppet-6712722-3 strongly suggests the file belongs to the GhostPuppet trojan family. The file is an OLE document, and while no specific VBA or script content was detailed, the detection implies malicious code execution, likely via macro or embedded exploit.

Heuristics 1

  • ClamAV: Win.Trojan.GhostPuppet-6712722-3 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Trojan.GhostPuppet-6712722-3

Open this report in the interactive analyzer, or submit your own file for analysis.