Malicious Office (OLE) / .SEN — malware analysis report

Static analysis result for SHA-256 4f1d558f6fd705f5…

MALICIOUS

Office (OLE) / .SEN

Size: 92.9 KB
Created: 2006-01-25 08:30:00
Authoring application: Microsoft Office Word
MD5: c6fa35b0624f0bb54e817692a32bf420
SHA-1: 733d597ec94cfb93084759ccaece9c36ba4eadfe
SHA-256: 4f1d558f6fd705f5d676a01ba30ee357348d7f192c8af6649c998e099112c849
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1027 Obfuscated Files or Information

The sample is identified as malicious due to the presence of XOR-encoded strings, a common technique for obfuscating malicious payloads. The specific encoding key (0xFF) and its location were identified. Without further script or body content, the exact nature of the malicious activity remains unclear, but obfuscation is a strong indicator of malicious intent.

Heuristics (1)

  • XOR-encoded strings (key 0xFF) | critical | SC_XOR_ENCODED
    Found 7 Windows library/API name(s) XOR-encoded with single-byte key 0xFF: 'KERNEL32.DLL', 'LoadLibraryA', 'LoadLibraryA', 'GetProcAddress', 'VirtualProtect', 'CreateProcessA', 'ExitProcess'