Win.Trojan.Hydraq-93 — Office (OOXML) malware analysis

Static analysis result for SHA-256 7bcc76a6243c0912…

MALICIOUS

Office (OOXML)

179.3 KB
MD5: 6cf39e902fc06e288b99dc04baccd805 SHA-1: b778fd858a23df42a41bc14b660d48b0fdba209b SHA-256: 7bcc76a6243c0912804d8d1735ce446dc1791a0228d50d53a63e8ab43595e756
62 Risk Score

Malware Insights

Win.Trojan.Hydraq-93 · confidence 85%

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The file is identified as Win.Trojan.Hydraq-93 by ClamAV, indicating malicious intent. The presence of embedded URLs, although benign in this specific extraction, points towards a common technique for delivering malicious content. The overall structure suggests this document is likely a spearphishing attachment designed to trick users into opening it and triggering a malicious payload.

Heuristics 2

  • ClamAV: Win.Trojan.Hydraq-93 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Trojan.Hydraq-93
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://schemas.openxmlformats.org/officeDocument/2006/math
    • http://schemas.openxmlformats.org/officeDocument/2006/relationships
    • http://schemas.openxmlformats.org/markup-compatibility/2006
    • http://schemas.openxmlformats.org/wordprocessingml/2006/main
    • http://schemas.microsoft.com/office/word/2006/wordml
    • http://schemas.openxmlformats.org/drawingml/2006/wordprocessingDrawing

Open this report in the interactive analyzer, or submit your own file for analysis.