Office (OLE) / .XLS malware analysis — malicious · 4d1234a39a7de1e5

MALICIOUS

Office (OLE) / .XLS

2.5 KB First seen: 2026-03-12

MD5: 81ac6a406d16a4cf3c5ffa3fbda96943 SHA-1: 0037149950aa3f2a8ce7db71c8ca0e68467c5da5 SHA-256: 4d1234a39a7de1e5632552b8894cbe83ad5796a496b5d78d5cf231610cfb1776

60 Risk Score

Malware Insights

MITRE ATT&CK

T1204.002 Malicious File T1566.001 Spearphishing Attachment

The sample is an XLS file that fired a critical heuristic for CVE-2026-21509, indicating an attempt to bypass Office Protected View. This suggests the file is designed to exploit this vulnerability upon opening. No document body or scripts were extracted, but the heuristic strongly points to a malicious exploit document.

Heuristics 1

OLE/COM security bypass — CVE-2026-21509 (Killbit/Protected View bypass) critical CVE related CVE_2026_21509

OLE/COM security bypass — CVE-2026-21509 (Killbit/Protected View bypass)

Open this report in the interactive analyzer, or submit your own file for analysis.