Malicious Office (OLE) / .XLS — malware analysis report

Static analysis result for SHA-256 7b8cd5e6a4779d39…

MALICIOUS

Office (OLE) / .XLS

40.0 KB
Created: 2015-06-05 18:17:20
Authoring application: Microsoft Excel
MD5: c6f49263a35cd122a77ec9af25f44f0e
SHA-1: b0ca80e9b0538d72660211156e1c7fa0469b8031
SHA-256: 7b8cd5e6a4779d39378cf7fe2a1e262ec915b815285243603025f76b0fc3d38a
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1059.005 Visual Basic

The sample is an XLS file containing VBA macros. The presence of a GetObject call is a high-severity heuristic indicating potential malicious activity. The macros likely execute malicious code, leading to a malicious verdict. No specific family could be identified.

Heuristics (2)

  • GetObject call high OLE_VBA_GETOBJ
    GetObject call
  • VBA macros detected medium OLE_VBA_MACROS
    Document contains VBA macro code

Extracted artifacts (1)

Files carved from inside the sample during analysis.

Filename | Kind | Source | Size
macros.bas (603419fee644416cdb4fe59574828e8c52d70cfe0c0b3bc6ce7df3500b8e2f35) | vba-macro | oletools.olevba.extract_macros (decoded VBA source) | 1835 bytes