MALICIOUS
60
Risk Score
Malware Insights
MITRE ATT&CK
T1203 Exploitation for Client Execution
The file is a Microsoft Word 6.0 document identified by ClamAV as Win.Trojan.Theatre-2. The document body contains repeated references to file paths and the 'DOCCLOSE', 'FILECLOSE', and 'TOOLSMACRO' keywords, suggesting it may contain or attempt to trigger embedded malicious macros or exploit code. The primary attack vector is likely exploitation of a client vulnerability.
Heuristics 1
-
ClamAV: Win.Trojan.Theatre-2 critical CLAMAV_DETECTIONClamAV detected this file as malware: Win.Trojan.Theatre-2
Open this report in the interactive analyzer, or submit your own file for analysis.