Malicious Office (OLE) / .EXE — malware analysis report

Static analysis result for SHA-256 5c36f7747e0acdf8…

MALICIOUS

Office (OLE) / .EXE

Size: 11.0 KB
Created: 1997-01-26 20:32:00
Authoring application: Microsoft Word 6.0
MD5: 3bc2100d5a1b3cc630bc1e5cc9d588e8
SHA-1: 133930600f30f2199aa458f06e5728f4ba75a1b3
SHA-256: 5c36f7747e0acdf8bbe3e57db2e96b2ee76c72c65f4acf6fa243ae5a0371e93b
Risk Score: 60

Malware Insights

MITRE ATT&CK
  • T1204 Malicious Link
  • T1566.001 Spearphishing Attachment

The file is detected as 'Doc.Trojan.Wazzu-6', suggesting it's a trojanized document. The presence of macro-related functions like 'autoOpen', 'fileMacro$', and 'globMacro$' indicates that the document likely contains malicious macros designed to execute arbitrary code. The extracted paths 'C:\TABL1\NIRVANA\GFGFF.TXT' and 'C:\WINWORD\PLANTILL\BREED.DOT' may be related to the payload or infection mechanism.

Heuristics 1

  • ClamAV: Doc.Trojan.Wazzu-6 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Doc.Trojan.Wazzu-6