Malicious Office (OLE) / .XLS — malware analysis report

Static analysis result for SHA-256 64fb1d1f6526df44…

MALICIOUS

Office (OLE) / .XLS

Size: 66.5 KB
Created: 2010-06-03 12:41:23
Authoring application: Microsoft Excel
MD5: 0babbeff525aad7cb37b45a431f6cdff
SHA-1: 97ea510e65127abd461cdfddb9d71cc0c1de2403
SHA-256: 64fb1d1f6526df44482a72348a9e29bb473828d5eb699496078604d1e5db4067
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1059.005 Visual Basic

The file is identified as a legacy Excel formula macro virus by a critical heuristic. The document body contains text referencing 'Excel Formula Macro Virus (XF.Classic)' and 'Poppy by VicodinES', indicating its nature and potential origin. The heuristic firing and embedded text strongly suggest the file's purpose is to infect other Excel workbooks.

Heuristics (1)

  • Legacy Excel formula macro virus marker (critical): OLE_XLS_FORMULA_MACRO_VIRUS
    Workbook stream contains self-identifying legacy Excel formula macro virus markers. This indicates the document carries formula macro virus content even when no VBA project or modern XLM macro-sheet structure is present.