Malicious Office (OOXML) / .XLSX — malware analysis report

Static analysis result for SHA-256 6f0c6fabbb031364…

MALICIOUS

Office (OOXML) / .XLSX

File size: 79.3 KB
Created: 2022-06-24 07:22:37 UTC
Authoring application: Microsoft Excel 14.0300
First seen: 2022-06-24
MD5: 698006cd7ed845f5ab4522a03a2496be
SHA-1: 116c06ecc8f4a091324e21909e5d3c0956fc0682
SHA-256: 6f0c6fabbb0313640798b4b27240442f2c3c0234cc15a3bc06fbac806bc24ad4
Risk Score: 60

Malware Insights

MITRE ATT&CK
  • T1218 System Binary Proxy Execution
  • T1059 Command and Scripting Interpreter

The critical ClamAV heuristic 'Xml.Exploit.DDE_Abuse-9987933-1' indicates the file leverages Dynamic Data Exchange (DDE) to abuse XML processing, likely to execute commands. This technique is commonly used to download and run malicious payloads.

Heuristics 1

  • ClamAV: Xml.Exploit.DDE_Abuse-9987933-1 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xml.Exploit.DDE_Abuse-9987933-1