Win.Trojan.Laroux-42 — Office (OLE) / .VIR malware analysis

Static analysis result for SHA-256 64adbedb26eadbd0…

MALICIOUS

Office (OLE) / .VIR

Size: 97.5 KB
Created: 1997-06-11 07:30:35
Authoring application: Microsoft Excel
MD5: 827a37a19e68891417b402dd244c8a0e
SHA-1: 8742005e4c821e55598bdd1bebe7545ac7cd02ac
SHA-256: 64adbedb26eadbd0090881050ed89791563bdf6ac3a431c3d433e5425945fe4d
Risk Score: 60

Malware Insights

Win.Trojan.Laroux-42 · confidence 95%

MITRE ATT&CK
T1204 User Execution

The file is identified as Win.Trojan.Laroux-42 by ClamAV, indicating it is a known piece of malware. Despite the presence of document-like text, no specific malicious script or payload was extracted, suggesting the malware might rely on its file type or metadata for execution or further payload delivery. The document content appears to be a corrupted or obfuscated status report, likely a lure.

Heuristics (1)

  • ClamAV: Win.Trojan.Laroux-42 · critical · CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Trojan.Laroux-42