Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 704bae8994180c2f…

MALICIOUS

Office (OLE)

7.5 KB
MD5: 1aa926587ec54974462a097a0ca85e9c SHA-1: e1e2b6b55b86fb89d6709e924152fbb6d16d10b8 SHA-256: 704bae8994180c2ff4609c3be904701a6fc4c80fd8003f724d34595d657ae51a
60 Risk Score

Malware Insights

The file is identified as a macro virus by ClamAV, specifically 'Win.Trojan.W-283'. The document body contains numerous strings related to VBA macros, including AutoOpen, AutoClose, and Appder, along with references to 'RSN MACRO VIRUS Goat file' and its creator. This strongly suggests the file's primary function is to execute embedded malicious VBA code upon opening.

Heuristics 1

  • ClamAV: Win.Trojan.W-283 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Trojan.W-283

Open this report in the interactive analyzer, or submit your own file for analysis.