Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 4b304826a8e3f967…

MALICIOUS

Office (OLE)

20.0 KB Created: 2012-06-06 01:30:27 Authoring application: WPS Office רҵ°æ First seen: 2015-10-13
MD5: f1eacc1340c9a0d6ce96bbf471ca10c0 SHA-1: 7b7b54f38b67703529b5be6393e596003518e582 SHA-256: 4b304826a8e3f96723e79d818b301900d7455776d8dfa324b00fc59a2999af3b
60 Risk Score

Heuristics 2

  • Reference to Windows Script Host high SC_STR_WSCRIPT
    Reference to Windows Script Host
  • Excel 4.0 (XLM) macro sheet present medium OLE_XLM_AUTOOPEN
    Workbook contains an Excel 4.0 macro sheet sub-stream — XLM is rarely seen in modern legitimate workbooks and was a major Office malware vector during 2020-2022.