Win.Trojan.Emperor-8 — Office (OLE) malware analysis

Static analysis result for SHA-256 45b3f64449f65fb2…

MALICIOUS

Office (OLE)

19.0 KB Authoring application: Microsoft Excel First seen: 2012-06-14
MD5: c2e5b28378f4586501a7c2260cdc7f11 SHA-1: bcf98b9d688e17cfcf4244f0d5433d2b07699b07 SHA-256: 45b3f64449f65fb2b27a03bd99a5bdabd0cbfefef996ef6d699b02e071b052df
60 Risk Score

Malware Insights

Win.Trojan.Emperor-8 · confidence 90%

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The file is identified as a malicious Excel document by ClamAV, classified as Win.Trojan.Emperor-8. The document likely employs a macro to execute malicious code, a common technique for initial access via spearphishing attachments. No specific IOCs were extracted beyond the ClamAV detection name.

Heuristics 1

  • ClamAV: Win.Trojan.Emperor-8 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Trojan.Emperor-8

Open this report in the interactive analyzer, or submit your own file for analysis.