Malicious Office (OLE) / .XLS — malware analysis report

Static analysis result for SHA-256 5adcb05d89655a12…

MALICIOUS

Office (OLE) / .XLS

File size: 2.67 MB
Created: 2008-05-08 04:12:13
Authoring application: Microsoft Excel
MD5: f64af1fdb0fd0c45e079803845d110ee
SHA-1: 4ebe91b6d8c90cdb7a7ede00e7f1a6eac39e8c2f
SHA-256: 5adcb05d89655a12ac88caae7398fb6ff05fc779fb65412d24ad3497f53ba995
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1059.005 Visual Basic

The critical heuristic firing indicates this is a legacy Excel formula macro virus, specifically mentioning 'Poppy by VicodinES' and 'Narkotic Network'. The document body appears to be a list of names and dates, likely a lure or obfuscation, but the primary indicator is the heuristic. The presence of these markers strongly suggests the file is designed to execute embedded macro code.

Heuristics (1)

  • Legacy Excel formula macro virus marker (severity: critical, rule: OLE_XLS_FORMULA_MACRO_VIRUS)
    Workbook stream contains self-identifying legacy Excel formula macro virus markers. This indicates the document carries formula macro virus content even when no VBA project or modern XLM macro-sheet structure is present.