Concept — Office (OLE) malware analysis

Static analysis result for SHA-256 5aa43db5de2ad4b6…

MALICIOUS

Office (OLE)

  • Size: 13.0 KB
  • Created: 1997-04-30 19:41:00
  • Authoring application: Microsoft Word for Windows 95
  • First seen: 2012-06-14
  • MD5: 19869d0baae1be10157c30b9c61301d0
  • SHA-1: 0787762df2779f1a7d37765a007356454cce9439
  • SHA-256: 5aa43db5de2ad4b6350a7bc8b922682407ee40a9a5409858c9e607aa04a650c6
  • Risk Score: 60

Malware Insights

Concept · confidence 95%

The file is identified as Win.Trojan.Concept-14 by ClamAV, indicating it is a variant of the Concept macro virus. The document body contains numerous references to 'PayLoad', 'MacroCount', and infection routines, consistent with macro malware. The presence of VBA-like code and references to system files like C:\config.sys and C:\autoexec.bat suggests an attempt to establish persistence or spread.

Heuristics 1

  • ClamAV: Win.Trojan.Concept-14 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Trojan.Concept-14