Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 63bb085dd44931b9…

MALICIOUS

Office (OLE)

Size: 27.5 KB
Created: 1998-04-28 22:02:00
Authoring application: Microsoft Word for Windows 95
MD5: e570d52bb5ac2e4331f27076eedfa411
SHA-1: fa18dd6a6e6d606442ea190613302ff5a89d7ed3
SHA-256: 63bb085dd44931b9d4000bc28f0188ea0f359e51d64034f11f5ddcb6dbd9d4f6
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The file is identified as malicious by ClamAV with the signature Win.Trojan.Cap-1. The document body contains seemingly innocuous formatting guidelines for technical documentation, which is a common lure to disguise malicious intent. No scripts were extracted, and the primary indicator is the ClamAV detection.

Heuristics (1)

  • ClamAV: Win.Trojan.Cap-1 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Trojan.Cap-1