Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 4855a30220bd5872…

MALICIOUS

Office (OLE)

Size: 12.5 KB
Created: 1601-01-01 00:00:00
Authoring application: Microsoft Word 6.0
First seen: 2012-06-14
MD5: 41c9c42faac255d64387694d2fe40fe2
SHA-1: 46751b9326fc5326077d25e84ba9dfac4c00c023
SHA-256: 4855a30220bd5872ff0eddf657fc19803a55b7dca935c7c238778d28145cc15a
60 Risk Score

Malware Insights

The file is an OLE document with a critical ClamAV heuristic firing for Win.Trojan.Echo-1. The document body contains heavily obfuscated VBA-like code, suggesting it is designed to execute malicious macros. The presence of functions like 'StealthCopy' and 'InfectGlobal' indicates an intent to copy or infect other files, likely as part of a larger malware delivery chain.

Heuristics 1

  • ClamAV: Win.Trojan.Echo-1 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Trojan.Echo-1