Malicious Office (OLE) / .XL — malware analysis report

Static analysis result for SHA-256 4497259e8471a888…

MALICIOUS

Office (OLE) / .XL

15.5 KB Created: 2010-06-15 22:55:26 Authoring application: Microsoft Excel
MD5: 8e35cc9ba95698f67f61c77f81babe24 SHA-1: 5ae812bb0632eb64b6e94e3e530273d46b926fc9 SHA-256: 4497259e8471a8887955812e4287a4aba67b6d0027d11d9fc17580b8267b739e
60 Risk Score

Malware Insights

MITRE ATT&CK
T1059.005 Visual Basic for Applications

The file is a malicious Excel spreadsheet containing VBA macros. The presence of an Auto_Open macro indicates that the malicious code will execute automatically upon opening the document. The macro source is 2083 bytes, suggesting it is designed to perform a harmful action, likely downloading and executing a second-stage payload.

Heuristics 2

  • Auto_Open macro high OLE_VBA_AUTO
    Auto_Open macro
  • VBA macros detected medium OLE_VBA_MACROS
    Document contains VBA macro code

Extracted artifacts 1

Files carved from inside the sample during analysis.

FilenameKindSourceSize
macros.bas
642cc294d17a63255f5d1778805e19199813afd779a5cb7d5638b3ed356871af		 vba-macro oletools.olevba.extract_macros (decoded VBA source) 2083 bytes

Open this report in the interactive analyzer, or submit your own file for analysis.