Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 5fe654d990f9d1d4…

MALICIOUS

Office (OLE)

99.0 KB Created: 1999-09-09 01:26:26 Authoring application: Microsoft Excel First seen: 2012-06-14
MD5: f91b4d2a5ab01dbc6e5485ceda9de34e SHA-1: a8d8a5c76feb33f2d4cce165d359866e2d387703 SHA-256: 5fe654d990f9d1d40e7562b6dfea790e2cfc10b7c2b9be0c0c825434f07e4c70
60 Risk Score

Malware Insights

MITRE ATT&CK
T1059.005 Visual Basic

The critical heuristic firing for OLE_XLS5_LAROUX_MACRO_VIRUS strongly suggests the presence of the Laroux macro virus, a known threat that spreads through malicious Excel macros. The presence of auto_open and OnSheetActivate markers further supports this, indicating the macro is designed to execute automatically. No specific IOCs were extracted, but the file's nature points to a macro-based attack.

Heuristics 1

  • Excel 5 Laroux/Larou-CV macro-virus marker cluster critical OLE_XLS5_LAROUX_MACRO_VIRUS
    Legacy Excel workbook contains a Laroux/Larou-CV macro-virus marker cluster including auto_open execution and workbook/module replication strings. This is a narrow indicator for an infected legacy Excel macro workbook.

Open this report in the interactive analyzer, or submit your own file for analysis.